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.INFRASTRUCTURE  LOG 

_DAY  45:  These  underutilized  storage  boxes  have  proliferated 
exponentially.  Their  inability  to  share  capacity  has 
doomed  us.  We’re  trapped  in  a  maze  of  our  own  creation. 

_DAY  47:  I  tried  to  give  Gil  a  boost  over  this  wall,  but 
he  pulled  a  hammie. 

_DAY  48:  I’ve  taken  back  control  with  IBM  System  Storage™ 
SAN  Volume  Controller.  It  puts  my  entire  storage  universe 
into  a  simple,  virtualized  pool.  And,  unlike  EMC,  IBM  has 
fourth-generation  virtualization  technology  and  over  2,000 
customers.  I  am  seeing  results. 

.Productivity  is  up.  Utilization  is  up.  I.T.  guys  lost  in 
mazes  of  data  is  down. 


IBM.COM/TAKEBACKCONTROL/STORAGE 


“Art  is  either  plagiarism  or  revolution/’ 

—  Paul  Gaugin 
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SOLUTIONS 


This  is  revolutionary. 


What  if  you  could  add  a  whole  new  dimension  to  your 
communications  room — and  also  save  time,  space  and  money? 


Introducing  the  ergonomically  designed,  aesthetically 


pleasing  VisiPatcl  :  a  patching  system 


that  will  dramatically  alter  the  way  you  view  performance. 


Are  you  ready  to  experience  the  revolution? 


NETWORKWORLD 


Newsbits 
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Network 

Infrastructure 

10  Enterasys  appliance  embraces 
security 

22  Opinion:  On  Technology:  Does 
it  take  200  products  to  secure  the 
enterprise? 

49  Cisco  extends  LAN  security 

50  Opinion:  BackSpin:  High 
expectations  and  hacking. 

Enterprise  Computing 

10  LinuxWorld  speakers  talk  up 
security 

49  Volume  servers  sucking  up 
power. 

Application  Services 

8  How  Lauth  is  growing  IT  with 
downsizing  in  mind. 

8  Microsoft,  IBM  in  slap 
fight  over  open  document 
formats. 


12  Microsoft  leaves  out 
virtualization. 

16  Survey  says  shortage  puts  SAP 
workers  in  high  demand. 

49  Start-up  to  alert  IT  on  app 
performance. 

50  Opinion:  ‘Het  Buzz:  Are  prepaid 
credit  cards  the  future  of 
e-commerce? 

Service  Providers 

8  Don't  expect  video  to  exhaust 
fiber  glut. 

Tech  Update 

20  Understanding  delta 
compression. 

20  Ask  Dr.  Internet. 

6  Networkworld.eem:  Catch 
up  on  the  latest  online 
forums,  blogs,  newsletters, 
videos  and  help-desk 
queries. 


New  Data  Center 


In  this  first  of  our  six-part,  fourth  annual  New  Data 
Center  series,  we  take  a  stroll  down  the  concept’s  walk 
of  fame,  from  technological  innovation  to  stellar 
examples  of  enterprise  best  practices. 

Beginning  on  page  24  you’ll  find: 

•  10  best  products  for  the  New  Data  Center 
•  Six  open  source  gems. 

•  Best  practices  for  building  a  Linux  grid. 

•  Top  tips  for  implementing  an  enterprise  service-oriented 
architecture. 

•  A  heads-up  on  a  great  New  Data  Center  career  opportunity 
•  A  status  report  on  how  automated  IT  is  today 


Cisco  addresses  security  gear  flaws 

■  Bad  things  came  in  threes  for  Cisco  security  users  last 
week,  as  the  vendor  announced  vulnerabilities  in  secu¬ 
rity  hardware  products  that  could  lead  to  denial-of-ser- 
vice  attacks  on  the  devices.  Cisco’s  widely  used  stand¬ 
alone  P1X  Firewall,  Firewall  Services  Module  for  switches 
and  routers,  and  Adaptive  Security  Appliance  are  vul¬ 
nerable  to  receiving  a  wide  variety  of  doctored  packets, 
which  could  result  in  a  DoS  attack  on  the  products. 
Meanwhile,  a  fourth  vulnerability  could  let 
attackers  evade  detection  when  going  after 
this  security  gear:  Cisco’s  IOS-based  In¬ 
trusion  Prevention  System  feature  has  a 
flaw  that  could  enable  hackers  to  chop  up 
the  malicious  packets  to  evade  IPS  detec¬ 
tion  when  attacking  a  Cisco  PIX,ASA  or  other 
network  devices.  Cisco  has  released  new  soft¬ 
ware  versions  that  fix  the  vulnerabilities. 


10G  market  climbs 
past  $1  billion  mark 

■  Lower  10G  port  costs  and  grow¬ 
ing  bandwidth  demands  pushed 
the  10G  Ethernet  market  past  the 
$1  billion  mark  for  the  first  time  in 
2006,  the  Dell’Oro  Group  says.The 
average  10G  Ethernet  port  cost 
about  $4,000  last  year  —  $1,000 
less  than  in  2005.  Meanwhile, sales 
of  10G  Ethernet  gear  climbed  al¬ 
most  60%,  to  $1.2  billion,  in  2006. 


Metro  IT  jobs  prone 
to  outsourcing 

■  Offshoring  may  eliminate  as 
many  as  one  in  five  programming, 
software  engineering  and  back- 
office  jobs  during  the  next  several 
years  in  certain  metropolitan 
areas,  according  to  a  new  study  by 
the  Brookings  Institution.  The 
think  tank  found  that  28  metro¬ 
politan  areas  with  13.5%  of  the 
nation’s  population  are  likely  to 
lose  between  2.6%  and  4.3%  of 
their  jobs  to  service  offshoring. 

Attackers  seize 
on  Word  vulnerability 

■  Microsoft’s  Word  and  Office 


programs 
have  been  tar¬ 
geted  again, 
with  the  com¬ 
pany  saying 
that  hackers 
may  be  exploit¬ 
ing  a  new  vulnerability  in  the 
applications. The  warning  came 
just  after  the  company  issued 
fixes  for  20  other  bugs  in  its 
products  last  week,  including 
six  for  Word.  The  latest  problem 
affects  Office  2000  and  Office 
XP  Microsoft  said  in  a  security 
advisory.  An  attacker  could  cre¬ 
ate  a  specially-crafted  Word 
document  that,  if  opened,  could 
let  the  attacker  control  a  vic¬ 
tim’s  computer  remotely. 
Microsoft  said  it  would  divert 
from  its  patch  schedule,  set  for 
the  second  Tuesday  of  the 
month,  if  it  considers  it  neces¬ 
sary  in  this  case. 

Business,  IT  leaders 
don’t  think  alike 

■  Technology  executives  think 
highly  of  their  ability  to  deliver 


TheGoodTheBadTheUgly 

Learn  SAP,  now.  Demand  for  SAP  experts  is  on  the  rise,  and 
salaries  are  up  as  much  as  15.6%  for  some,  dwarfing  the  typical  increas¬ 
es  in  IT  salaries  of  3%  to  5%  a  year,  according  to  Foote  Partners.  A  sur¬ 
vey  by  the  consultancy  found  that  the  average  base  salary  for  directors 
of  SAP  program  management  rose  from  $115,468  to  $133,500  in  the  cal¬ 
endar  year  that  just  ended.  See  related  story  on  page  16. 

<  Find  a  laptop?  Gall  the  FBI. 

The  FBI  is  losing  fewer  laptops  —  and  weapons  — 
these  days  than  it  used  to,  but  the  criminal  justice 
organization  still  needs  better  controls  in  place  to 
protect  its  assets,  including  potentially  sensitive 
data.  The  report  issued  this  month  by  a  division  of 
the  U.S.  Department  of  Justice  follows  up  on  2002 
report,  and  found  that  the  FBI  still  lost  160  weapons 
and  160  laptops  over  a  44-month  period,  and  alarm¬ 
ingly,  "could  not  determine  in  many  cases  whether 
the  lost  or  stolen  laptop  computers  contained  sensi¬ 
tive  or  classified  information." 

I  don’t  want  my  mobile  TV  Issues  with  price,  reliabil¬ 
ity  and  quality  may  dampen  demand  for  mobile  television  in  the  United 
States,  just  as  the  service  is  about  to  hatch  here.  That's  the  conclusion 
of  a  survey  of  22,000  European  mobile-service  users  commissioned  by 
Tellabs.  The  survey  found  that  former  users  now  outnumber  current  ones 
by  more  than  19%. 


effective  IT  strategies  —  quite  a 
bit  higher  than  their  business 
counterparts  do,  according  to 
Saugatuck  Technology.  The  dis¬ 
connect  between  the  two 
camps  is  most  obvious  among 
IT  initiatives  that  focus  on  busi¬ 
ness  process  outsourcing  and 
database  consolidation.  In  the 
research  firm’s  latest  survey, 
about  70%  of  IT  executives  said 
BPO  strategies  were  effective, 
while  42%  of  business  leaders 
agreed.  Close  to  80%  of  CIOs 
said  database-consolidation 
efforts  were  paying  off,  while 
53%  of  CEOs  indicated  that  they 
felt  the  same.  Other  areas  in 
which  business  and  IT  leaders 
didn’t  agree  include  server  con¬ 
solidation  and  virtualization, 
business  intelligence  and  per¬ 
formance-management  initia¬ 
tives.  ■ 


■  CONTACT  US  Network  World,  118Turnpike  Road,  Southborough,  MA  01772;  Phone:  (508)  460-3333;  Fax:  (508)  490-6438;  E-mail:  nwnews@nww.com: 
STAFF:  See  the  masthead  on  page  14  for  more  contact  information.  REPRINTS:  (717)  399-1900 

■  SUBSCRIPTIONS/CHANGE  OF  ADDRESS:  Phone:  (508)  490-6444;  Fax:  (508)  490-6400;  E-mail:  nwcirc@nww.  com;  URL:  www.subscribenw.com 


PEERSAY 

From  our  online  forums 


s  Webkinz:  Threat  or  men¬ 
ace?  OK,  maybe  that's  not  fair 
to  the  little  plushies  with  their 
own  online  personae.  But  we’re 
curious:  How  many  of  you  have 
started  rocking  out  with  them 
as  hard  as  your  kids?  Take  our 
survey  and  let  us  know: 
www.nwdocfinder.com/7426 

is  What  we  missed  on  the 
telecom  song  list.  Who 

knew  there  were  so  many  pop 
songs  involving  telephones?  You 
did,  obviously,  because  you're 
telling  us  about  them  all  at: 

www.nwdocfinder.com/7427 

■  Microsoft  vs.  IBM  on 
standards.  User  SteveJ 
yawns  when  he  reads  about  the 
two  battling  over  Open  XML: 
“They  are  both  big  companies 
after  your  money." 
www.nwdocfinder.com 
/7448 

■  The  silicon  chip  inside  her 
head.  Users  debate  a  pro¬ 
posed  North  Dakota  law  that 
would  ban  implantable  RFID 
chips.  NocMaster  writes:  “Well 
there  are  good  and  bad  to 
everything,  implanting  in  kids 
to  a  certain  age  might  be 
good  as  to  prevent  kidnapping, 
but  at  what  cost. ...  But  once 
you  start  to  spread  this  type 
of  technology  to  one  applica¬ 
tion  they  will  keep  forcing  it 
into  more." 

www.nwdocfinder.com/7447 

h  Evolving  technology.  One 

user  isn't  sure  enterprises  will 
be  able  to  keep  up:  “It  will 
become  more  and  more  diffi¬ 
cult  for  most  companies  to 
have  in-house  talent  for  tech¬ 
nology-related  functions." 
www.nwdocfinder.com 
/7449 


Cisco  Subnet 

Check  out  Network  World's  new  Cisco 
Subnet,  the  independent  voice  for  Cisco 
customers.  Our  editors  scour  the  Web 
for  the  most  important  Cisco-related 
news,  blogs,  security  alerts  and  more 
—  all  presented  on  one  page. 

www.nwdacfinder.coni/7073 


6  •  www.networkworld.com  •  2.19.07 


hetworkworU.com 


FOLLOW  THESE  LINKS  TO  MORE  RESOURCES  ONLINE 


BLOGOSPHERE 


VoIP  vs.  home  security 

Plus:  Acunetix  fires  back,  trouble  in  India  and  pencil  scribbles 


VoIP  vs.  home  security.  Layer  8  dives  into  the 
problem  of  using  home  security  systems  with  a 
VoIP  telephone  service.  They  don’t  exactly  play 
well  together,  www.nwdocfinder.com/7443 

Acunetix  responds  to  expert’s  challenge. 

Buzzblog  has  become  the  playing  field  for  a 
joust  between  Acunetix  and  Joel  Snyder,  with 
Buzz’s  Paul  McNamara  as  referee  —  or  some¬ 
thing  like  that.  Acunetix  started  things  off  with  a 
survey  that  says  70%  of  all  Web  sites  had  vulner¬ 
abilities  that  pose  a  medium-  to  high-level  risk  of 
a  serious  data  breach.  Snyder  bet  $1,000  of  his 
own  money  that  the  survey  was  wrong.  Acunetix 
responded,  but  Snyder  and  participants  in  our 
forum  said  the  company  was  missing  the  point 
and/or  changing  the  subject,  www.nwdoc 
finder.com/7444 

Lead  size  and  hardness.  There  is  a  blog 
about  pencils.  There  is  a  blog  about  notebooks 


(the  kind  you  write  in  with  a  pencil).  And  then 
there  is  the  highly  specialized  Dave’s 
Mechanical  Pencils,  which  Adam  Gaffin  says  is 
“for  people  who  think  yellow  Number  2s  are  too 
wussy  and  who  might  enjoy  a  frank  and  open 
discussion  of  lead  size  and  hardness.”  And  then 
there  is  Compendium,  where  Adam  surfs  these 
kinds  of  sites  all  day  and  writes  about  them. 
www.nwdocfinder.com/7445 

Pitfall  of  outsourcing.  Linda  Musthaler 
says  social  unrest  can  sometimes  throw  a 
monkey  wrench  into  your  company’s  money- 
saving  outsourcing  plans,  and  notes  that  many 
of  the  largest  Indian  tech  companies  were 
forced  to  close  last  week  for  a  general  strike 
over  water  resources.  She  isn’t  saying  this  is  a 
reason  to  avoid  doing  business  with  compa¬ 
nies  in  other  countries  —  she’s  just  saying  you 
should  know  what  you’re  getting  into. 
www.nwdocfinder.com/7446 


Hot  Seat  interviews,  the  coolest  tools,  and  more 


Hot  Seat 

Conver¬ 
gence  jug¬ 
gling  act. 

Brix 

Networks  CEOTom 
Pincince  explains  how 
insurance  giant  Aetna  con¬ 
verged  its  voice  and  data 
networks  without  sacrific¬ 
ing  voice  quality. 
www.nwdocfinder.com/7440 


Coot  Tools: 

Speech 
recogni¬ 
tion  gets 
“bettah.” 

Keith  Shaw  gives  Version  9 
of  Nuance's  Dragon  Nat- 
urallySpeaking  a  spin,  and 
sees  if  it  can  handle  a  co¬ 
worker's  thick  Boston 
accent. 

www.nwdocfinder.com/7441 


Voices  from 
IT  Roadmap: 

Speedy 
app  de¬ 
livery. 

Sling  Media’s  Olav  Phillips 
explains  how  his  company 
distributed  its  player  appli¬ 
cation  more  efficiently  to  a 
global  audience. 
www.nwdocfinder.com/7442 


ASK  THE 

HELPDESK  Find  the  answers  to  these  prickly  problems  online. 

This  week:  Connecting  a  building  to  the  campus  LAN. 


Ron  Nutter  helps  a  user  figure  the  best  way  to 
connect  a  building  to  the  campus  LAN. 

Help  Desk  response: 
www.nwdocfinder.com/7430 


Analyst  Robin  Gareiss  examines  the  impor¬ 
tance  of  a  corporate  culture  across  a  distrib 
uted  enterprise.  Help  Desk  response: 
www.nwdocfinder.com/7432 


Wireless  security  newsletter  writer  Tim  Cranny 
explains  how  Wi-Fi  hot  spots  make  you  register 
to  use  them.  Help  Desk  response: 
www.nwdocfinder.com/7431 


Security  newsletter  writer  M.E.  Kabay  discusses 
root-cause  analysis  in  diagnosing  break-in 
attempts.  Help  Desk  response: 
www.nwdocfinder.com/7433 


'^]  BEST  OF  NW’S 

NEWSLETTERS 

Management 
innovation: 
Follow  the 
money 

Shortening  the  time  it 
takes  to  hire  in  IT 

Network/systems  manage¬ 
ment:  Management  vendors 
are  raking  in  the  dough  lately,  as 
the  trend  for  venture  capital 
funding  around  network  and 
systems  management  continues 
to  grow.  Senior  Editor  Denise 
Dubie  explains. 

www.nwdocfinder.com/7434 

Technology  executive: 

Newsletter  author  Linda 
Musthaler  reports  there  are  two 
trends  in  hard  disk  technology 
that  are  coming  together  to  cre¬ 
ate  a  compelling  set  of  benefits 
for  buyers  of  servers  and  storage 
devices:  Drives  are  getting  faster, 
smaller  and  less  expensive,  and 
you  get  to  reap  the  benefits. 
www.nwdocfinder.com/7435 

Storage  in  the  enterprise: 

As  security  and  storage  inter¬ 
mingle,  every  specialized  stor¬ 
age  security  vendor  recently 
made  nice  to  RSA.the  security 
division  of  EMC.  Senior  Editor 
Deni  Connor  takes  a  look. 
www.nwdocfinder.com/7436 

IT  leadership:  The  time  it  takes 
to  fill  a  full-time  IT  position  is  56 
days  for  a  staffer  and  87  days  for 
a  manager.  Senior  Managing 
Editor  Amy  Schurr  has  some 
ideas  for  shortening  the  wait. 
www.nwdocfinder.com/7437 

Servers:  Attendees  to  the 
Share  conference,  the  annual 
get-together  of  the  IBM  user 
group,  will  get  a  first  look  at  the 
new  z/VM  operating  system  for 
IBM’s  System  z  mainframes. 
Senior  Editor  Jennifer  Mears 
reports. 

www.nwdocfinder.com/7438 

Free  e-mail  newsletters 

Sign  up  for  any  of  more  than  40 
newsletters  on  key  network  topics. 

www.nwdocfinder.com/1 002 


10  PETABYTES  OF  STORAGE. 
50%  LESS  EXPENSIVE  TO  MANAGE. 
FEWER  GRAY  HAIRS. 


PICK  ANY  THREE. 


SETTLE  FOR  EVERYTHING  WITH  NETAPP. 


Engineer  or  CEO,  we  don't  compromise  on  your  data  center  storage  solution,  so  you  don’t  have  to  either.  That’s  why  we 
have  over  5,000  enterprise  deployments  and  counting.  With  NetApp,  near-instantaneous  cloning  makes  application 
development  and  testing  fast  and  effortless.  Our  common  architecture  across  all  storage  tiers  eliminates  integration  and 
management  complexities,  reducing  your  ongoing  management  and  operation  costs.  Add  to  that  the  lowest  TOO  in  the 
industry,  and  it’s  no  wonder  we’re  trusted  by  the  world’s  greatest  companies.  It’s  what  we  live  for.  We’ll  keep  our  natural 
color  when  you  have  the  right  storage  solution  for  your  enterprise  applications. 


Step  into  the  fountain  of  youth  at  www.netapp.com/bizapps 
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Simplifying  Data  Management  - 


©  2006  Network  Appliance,  Inc.  All  rights  reserved.  Specifications  subject  to  change  without  notice.  NetApp  and  the  Network  Appliance 
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ont  expect  video  to  exhaust  fiber  glut 


Bandwidth  prices  stabilizing  based  on  additional  factors,  consolidation 


BY  JIM  DUFFY 

Cisco  says  that  in  2010,  just  20 
homes  using  the  latest  broadband 
technology  to  access  video  con¬ 
tent  will  generate  enough  traffic 
to  equal  the  entire  load  on  the  In¬ 
ternet  in  1995. 

Juniper  says  YouTube  already 
generates  traffic  equal  to  the  en¬ 
tire  Internet  load  in  2000. 

The  widely  held  assumption  is 
that  the  explosive  growth  of  video 
across  the  Internet  will  quickly  ex¬ 
haust  excess  capacity  and  spike 
bandwidth  prices  that  have 
dropped  almost  60%  per  year  for 
the  past  three  years.  But  so  far,  this 


has  yet  to  prove  out. 

Not  everyone  believes  the 
widely  reported  “fiber  glut”  of  the 
late  1990s  and  early  2000s  will  be 
exhausted  by  video,  prompting  a 
spike  in  the  price  of  retail  and 
wholesale  bandwidth.  Some  be¬ 
lieve  video  will  hardly  make  a 
dent  in  excess  capacity  but  pric¬ 
ing  will  stabilize  based  on  other 
factors,  such  as  industry  consoli¬ 
dation  creating  fewer  suppliers. 

“In  long  haul,  there  is  still  plenty 
of  fiber,”  says  Andrew  Odlyzko, 
director  of  the  Digital  Technology 
Center  at  the  University  of  Minne¬ 
sota.  “If  you  look  at  the  total  Inter- 


How  Lauth  grows 
IT  with  downsizing 

Jeff  Ton  has  survived  the  booms  and 
busts  of  the  IT  industry  during  his 
28-year  career  as  a  programmer,  con¬ 
sultant  and  manager.  A  year  ago,  Ton 
left  ailing  Thomson  Consumer 
Electronics  for  a  chance  to  lead  the 
IT  department  at  Lauth  Property 
Group,  a  fast-growing  Indianapolis 
commercial  real  estate  developer 
that  doubled  its  revenue  last  year  to 
$592  million.  The  company  has  22 
permanent  locations  and  dozens  of 
temporary  sites  that  are  networked 
via  everything  from  DSL  to  satellite 
technologies.  Ton  spoke  with  Senior 
Editor  Carolyn  Duffy  Marsan  about 
how  he  is  building  Lauth ’s  IT  staff 
and  infrastructure  while  preparing  for  the  inevitable  downturn. 
Here  are  excerpts  from  their  conversation: 

How  fast  is  Lauth  growing? 

Two  years  ago,  Lauth  was  a  $200  million  company.  Last  year,  it  was 
nearly  $600  million. The  partners  have  laid  out  a  plan  to  get  to  $1  bil¬ 
lion  by  2010.  We  did  an  employee  survey,  and  out  of  400  employees, 
325  had  been  with  the  company  for  less  than  three  years.  So  it’s  a 
huge  shift  in  culture  to  bring  in  that  many  new  people  in  such  a 
short  period  of  time. 

See  Ton,  page  18 


net  traffic  in  the  U.S.,  it  could  be 
squeezed  down  one  or  at  most 
two  fiber  strands.  And  on  most 
routes  you  have  hundreds  of 
strands.” 

David  Rusin,  CEO  of  American 
Fiber  Systems,  a  Rochester,  N.Y, 
provider  of  lit  and  dark  fiber  re¬ 
sources,  agrees  that  fiber  is  plen¬ 
tiful. “Now  what’s  happening  with 
consolidation,  which  affects  sup¬ 
ply  .. .  that  could  have  an  impact 
if  [carriers]  no  longer  provide 
dark  fiber!’ 

Insight  Research  did  a  study  in 
2001  of  fiber  utilization  among  13 
major  long-haul  carriers.  Data  was 
culled  from  fiber  pairs  in  24  major 
cities.  Only  7%  to  8%  of  the  total 
capacity  was  used,  and  of  that 
only  3%  to  4%  was  actually  lit, says 


Robert  Rosenberg, president  of  In¬ 
sight  Research.  Historically  utiliza¬ 
tion  has  been  more  like  30%  to 
40%,  he  says. 

“It  was  really  a  small  percentage 
of  the  capacity  in  the  ground,” 
Rosenberg  says  “You  said  to  your¬ 
self, ‘Gosh,  this  thing  is  never  going 
to  go  away” 

Tracking  traffic 

Couple  with  that  the  slowing 
growth  of  Internet  traffic.  Even 
though  the  rate  of  video  growth 
has  been  increasing  —  Level  3 
says  50%  to  60%  of  the  traffic 
across  its  IP  backbone  is  video, 
compared  with  5%  to  10%  five 
years  ago  —  the  overall  growth  of 
traffic  on  the  Internet  has  slowed 
See  Fiber,  page  14 


Video’s  more  than 
fur  share 

Video  accounted  for  more 
than  a  third  of  the  traffic 
on  DSL  and  cable  modem 
lines  last  year. 


Miscellaneous  14% 


SOURCE:  IGI  GROUP 


Microsoft,  IBM  in  slap  fight 
over  open  document  formats 


BY  JOHN  FONTANA 

Microsoft  went  on  the  offensive  last  week.  In  an 
open  letter  it  accused  IBM  of  trying  to  subvert  Micro¬ 
soft’s  efforts  to  standardize  its  new  document  format 
and  in  turn  destabilize  customer  choices. 

“A  lot  of  hype  —  and  smoke  and  mirrors  obfusca¬ 
tion  —  surrounds  interoperability  these  days,” 
Microsoft  wrote  in  an  open  letter  published  on  its 
Web  site.  The  letter  was  authored  by  Tom  Robert¬ 
son,  general  manager  for  interoperability  and  stan¬ 
dards,  and  Jean  Paoli,  general  manager  for  interop¬ 
erability  and  XML  architecture. 

The  hype  and  obfuscation  references  point 
squarely  at  IBM,  which  was  the  only  Ecma  Inter¬ 
national  member  to  vote  in  December  against 
standardizing  Microsoft’s  Open  XML  file  format. 

Ecma  International,  a  membership-based  stan¬ 
dards  organization  for  information  and  communica¬ 
tion  systems,  approved  the  standardization  measure. 

Open  XML  is  the  default  file  format  in  Office  2007, 
and  support  has  been  back-ported  to  Office  2003, 
Office  XP  and  Office  2000. 

After  the  Ecma  vote,  Bob  Sutor,  IBM’s  vice  president 
of  open  source  and  open  standards,  wrote  on  his 
blog:  “The  OpenDocument  Format  ISO  standard  is 
vastly  superior  to  the  Open  XML  spec.”Sutor  also  said 
in  his  post:  “ODF  is  what  the  world  needs  today  to 
drive  competition,  innovation  and  lower  costs  for 
customers.  It  is  an  example  of  a  real  open  standard 


versus  a  vendor-dictated  spec  that  documents  pro¬ 
prietary  products  via  XML.  ODF  is  about  the  future, 
Open  XML  is  about  the  past.  We  voted  for  the  future.” 

Microsoft  is  seeking  further  standardization  of 
Open  XML  through  the  International  Organization 
for  Standardization  (ISO),  a  move  that  IBM  also  is 
contesting. 

Microsoft  claims  its  rival  has  led  a  campaign  to 
subvert  Open  XML  standardization  at  the  ISO  and  is 
trying  to  prevent  the  format  from  being  judged  on  its 
technical  merits. 

The  open  letter  states:  “This  campaign  to  stop  even 
the  consideration  of  Open  XML  in  [ISO]  is  a  blatant 
attempt  to  use  the  standards  process  to  limit  choice 
in  the  marketplace  for  ulterior  commercial  motives 
—  and  without  regard  for  the  negative  impact  on 
consumer  choice  and  technological  innovation.” 

IBM  added  more  fuel  to  the  fire  last  week  when  it 
released  what  it  calls  the  Open  Client  Solution,  an 
Eclipse-based  cross-platform  desktop  client  that  has  a 
set  of  collaboration  components,  including  a  docu¬ 
ment  editor  that  supports  ODF  but  not  Open  XML. 

By  Wednesday  Microsoft  had  heard  enough. 

“Microsoft  has  determined  that  it  is  important  to 
shine  a  bright  light  on  IBM’s  activities  that  will  have 
a  negative  impact  on  the  IT  industry  and  customers, 
including  taking  concrete  steps  to  prevent  customer 
choice,  engaging  in  hypocrisy  and  working  against 

See  Formats,  page  12 


Let  Internet  Security  Systems  stop 
network  threats  before  they  shut  down  your  business 


How  do  you  ensure  compliance  and  manage  costs  when  your  security  is  less  than  certain?  Even  "zero-day"  solutions  aren't  fast  enough  to  protect  against  losses  once  an 
Internet  attack  hits.  The  alternative  is  preemptive  security  from  Internet  Security  Systems  (ISS).  Because  our  enterprise  solutions  are  based  on  the  world's  most  advanced 
vulnerability  research,  only  ISS  can  offer  preemptive  security  and  stop  threats  before  they  impact  your  business.  So  why  rely  on  "reaction"  when  security  can  be  a  sure  thing? 


Need  proof?  Get  a  free  whitepaper,  Preemptive  Security:  Changing  the  Rules ,  at  www.iss.net/proof  or  call  today  at  800-776-2362. 
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LinuxWorld  speakers  talk  up  security 

Intel  security  manager  advises  attendees  to  learn  how  to  destroy  their  companies. 


BY  JON  BRODKIN 

The  first  step  in  protecting  your 
enterprise  is  figuring  out  how  to 
destroy  it. 

That’s  the  approach  to  security 
taken  by  Jonathan  Clemens,  man¬ 
ager  of  enterprise  security  over¬ 
sight  at  Intel.  He  recommends  that 
companies  conduct  war  games  to 
find  their  biggest  weaknesses. 

“By  a  war  game,  I  mean  a  table- 
top  exercise,” Clemens  said  at  IDG’s 
LinuxWorld  OpenSolutions  Sum¬ 
mit  in  New  York  City  last  week.“Sit 
down  and  be  your  biggest  com¬ 
petitor,  be  an  attacker,  put  yourself 

in  the  criminal  mind  set _ Until 

you  know  how  you  could  destroy 
your  company,  you  can’t  under¬ 
stand  how  you  can  prevent  some¬ 
one  else  from  doing  that.” 

Although  identifying  vulnerabili¬ 
ties  to  attacks  may  seem  like  an 


BY  TIM  GREENE 

Enterasys  has  upgraded  the  soft¬ 
ware  for  its  security  appliances  so 
they  can  execute  network  access 
control  on  traffic  coming  through 
non-Enterasys  switches,  making 
them  a  viable  protection  option 
for  the  vast  number  of  businesses 
that  don’t  have  the  vendor’s  gear. 

The  Sentinel  NAC  Solution  1.1 
software  —  which  consists  of  the 
Sentinel  Trusted  Access  Gateway 
appliance  and  Sentinel  Trusted 
Access  Manager  —  supports 
blocking  access-switch  ports 
when  devices  fail  network  secu¬ 
rity  policies  checks,  the  company 
says.  Sentinel  previously  did  this 
only  via  Enterasys  switches. 

By  adding  the  ability  to  use 
SNMP  controls  to  block  ports,  the 
company  has  extended  NAC-en- 
forcement  capabilities  to  any 
managed  switch.  Alternatively  ac¬ 
cess  to  these  switches  can  be 
blocked  by  using  802. IQ  virtual 
LAN  tags  to  quarantine  traffic 
from  devices  that  the  NAC  gear 
has  scanned  and  found  lacking. 

The  device  uses  802.  IX  authen¬ 
tication  to  block  access  to  the 
network.  If  a  customer  has  Enter¬ 
asys  switches,  the  NAC  gear  can 
make  finer  determinations  of 
what  to  block.  For  example, 


obvious  step,  when  Clemens 
asked  the  audience  whether  they 
knew  how  to  destroy  their  com¬ 
panies,  just  a  few  people  out  of 
several  dozen  raised  their  hands. 

He  was  wary  of  revealing  speci¬ 
fics  about  the  war  games  conduct¬ 
ed  at  Intel.  But  he  noted  that  Intel 
makes  chips,  and  it  would  be  dam¬ 
aging  if  the  company  made  chips 
that  could  not  perform  mathemat¬ 
ical  calculations  properly 

“What  would  happen  if  I  was  a 
competitor  of  Intel  and  I  wanted 
to  discredit  them?  Would  that  be 
a  way  to  do  it?”  Clemens  asked. 
“So  you  look  at  your  core  prod¬ 
uct  [and]  you  look  at  who 
would  want  you  to  fail  in  that 
area.  .  .  .You  go  through  these 
mental  exercises  and  say ‘what’s 
the  worst  case  scenario?”’ 

The  worst-case  scenario  could 


Bentley  College  in  Waltham, 
Mass.,  is  deploying  Sentinel  to 
block  peer-to-peer  file  sharing, 
which  accounted  for  more  than 
75%  of  network  traffic  when 
unchecked,  says  Todd  Marsh,  prin¬ 
cipal  network  architect  for  the 
school. 

These  new  features  will  put 
Enterasys  in  competition  with 
vendors  such  as  ConSentry  Nevis, 


involve  the  threat  of  physical 
harm,  he  told  the  audience,  mak¬ 
ing  note  of  a  bank  robbery  in 
England  last  year  that  involved 
the  family  of  a  bank  manager 
being  taken  hostage. 

In  a  follow-up  exchange  with 
Network  World,  Clemens  noted 
that  IT  managers  handle  data, 
rather  than  cash,  but  that  attacks 
involving  hostages  are  not  un¬ 
thinkable  in  the  IT  industry 

“If  the  financial  industry  which 
has  had  centuries  of  armed  rob¬ 
beries  to  deal  with,  can’t  defend 
against  such  an  attack,  how  can 
the  IT  industry  where  system  ad¬ 
ministrators  are  in  positions  of 
similar  responsibility  but  over  data 
rather  than  cash?”  he  questioned. 

In  his  talk  at  the  LinuxWorld 
event,  Clemens  also  discussed 
such  emerging  threats  as  viruses 


StillSecure  and  Mirage,  which 
make  NAC  appliances  that  fit  into 
heterogeneous  networks.  These 
vendors  contrast  themselves  with 
Cisco’s  NAC  architecture,  which 
calls  for  all  Cisco  switches.  They 
say  customers  can  add  NAC  to 
their  network  security  without 
major  network  upgrades. 

The  Version  1.1  software  also 
integrates  Sentinel  Trusted  Access 


aimed  at  mobile  devices  and 
custom  attacks  aimed  at  specific 
corporations. 

“Being  on  the  Internet  is  like 
sharing  your  toothbrush  with 
1  billion  of  your  closest  neigh¬ 
bors,”  he  said. “There  are  people 
on  the  Internet  who  are  smarter 
than  you. . .  .There  are  people  who 
are  less  ethical  than  us.” 

Clemens  recommended  that  en¬ 
terprises  develop  security  poli¬ 
cies,  which  should  be  high-level 
statements,  not  attempts  to  ad¬ 
dress  every  conceivable  problem. 
He  discussed  various  layers  of 
data  protection,  including  risk 
assessments;  training;  physical 
security  such  as  guards  and  sur¬ 
veillance  cameras;  and  network 
security  measures. 

“Does  every  device  in  your  net¬ 
work  have  the  ability  to  talk  to 


Gateway  with  Enterasys’  Dragon 
Network  Intrusion  Detection, 
making  it  possible  to  cut  off 
access  to  machines  that  misbe¬ 
have  once  they  are  admitted  to 
networks.  If  the  Dragon  software 
detects  an  intrusion  based  on 
malware  signatures  or  unautho¬ 
rized  behavior,  it  triggers  the 
Sentinel  gateway  to  block  access 
for  that  device. 

This  gives  Enterasys  preadmis¬ 
sion  and  postadmission  NAC 
capabilities.  Preadmission  NAC 
determines  whether  the  security 
posture  of  a  device  meets  security 
standards  and  therefore  may  ac¬ 
cess  the  network.  Fbstadmission 
NAC  detects  when  endpoints 
attempt  to  access  resources  they 
are  not  supposed  to  and  shuts 
down  their  network  access. 

Enterasys  does  not  make  its  own 
NAC  client  that  scans  endpoints  to 
perform  preadmission  NAC.  It 
instead  relies  on  clients  made  by 
other  vendors. 

The  Enterasys  gear  also  works  in 
conjunction  with  endpoint  scans 
that  don’t  require  a  client  made 
by  vendors  including  Check  Point 
and  Symantec. 

Pricing  for  Enterasys  Sentinel 
NAC  Solution  starts  at  $22,000  for 
1 ,000  users.  ■ 


every  other  device?  If  it  does, 
why?”  he  said. 

Open-source  compliance 

Making  sure  a  network  is  secure 
also  means  complying  with  vari¬ 
ous  regulations,  such  as  the  Pay¬ 
ment  Card  Industry  data  security 
standard,  the  Sarbanes-Oxley  Act, 
and  the  Gramm-Leach-Bliley  Act 
to  protect  consumers’  financial 
information. 

There  are  many  reliable  open 
source  tools  to  comply  with  these 
regulations,  although  it  can  be 
hard  to  convince  auditors  that 
these  programs  are  credible,  said 
Jeremiah  Cruit-Salzberg,  a  security 
architect  for  Fair  Isaac. 

“A  lot  of  times,  auditors  don’t 
like  open  source  [because]  it’s  a 
free  thing,  something  you  down¬ 
load,”  said  Cruit-Salzberg  in  a  ses¬ 
sion  titled  “Using  open  source 
tools  for  regulatory  compliance 
and  how  to  make  your  auditors 
accept  it.” 

Documentation  is  critical,  Cruit- 
Salzberg  noted.“If  you  don’t  docu¬ 
ment  things,  you  will  run  into 
trouble,  especially  with  open 
source.” 

The  most  valuable  open  source 
tool  for  compliance  is  Open 
Office,  because  it  offers  great 
ways  to  organize  documents, 
Cruit-Salzberg  said. 

To  convince  an  auditor  that  your 
open  source  tool  is  reliable,  you 
should  make  sure  it  has  a  good, 
commercial  support  system  be¬ 
hind  it,  Cruit-Salzberg  said.  If  your 
open  source  tool  can  keep  track 
of  data  effectively  but  an  auditor  is 
still  skeptical,  it  might  be  time  to 
hire  a  new  auditor. 

“If  they  are  not  going  to  work 
with  you,  it  is  vital  for  you  to  go 
find  another  auditing  company. 
Because  to  change  everything 
you’re  doing  costs  you  a  lot  more 
money  and  a  lot  more  grief, ’’Cruit- 
Salzberg  said. 

Collecting  system  logs  is  another 
vital  part  of  compliance,  and  this 
task  can  be  handled  by  open 
source  tools  such  as  Snare  and 
Zenoss.  Some  open  source  tools 
are  not  organized  well  and  should 
be  avoided,  but  overall,  open 
source  is  gaining  acceptance,  he 
said.There  are  very  few  issues  that 
can’t  be  resolved  with  an  open 
source  tool  today]’ he  said.B 


Enterasys  broadens  its  NAC  approach 


NAC  gear  that  works  with  any  switch 

Enterasys  SentineiTrusted  Access  Gateway  has  two  methods 
of  restricting  network  access  using  any  managed  switch  as 
an  enforcement  point.  Previously,  the  gear  worked  only  with 
Enterasys  switches. 


Q  Network  access  control  client  software  (not  made  by  Enterasys)  scans  device 
trying  to  access  the  network.  _ _ 

0  Sentinel  gateway  receives  determination  of  whether  the  device  should  gain 
access.  ___  _ _ 

0  If  it  shouldn't,  the  Sentinel  gateway  sends  an  SNMP  or  802.1Q  command  to  the 
access  switch  that  shuts  down  the  switch  port  to  which  the  device  is  attached 
or  grants  access,  but  only  to  a  quarantine  virtual  LAN. 
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Microsoft  leaves  out  virtualization 


Mipiracy  pitch 

As  part  of  its  required  Software  Protection  Platform  for  Vista, 
Longhorn,  and  eventually  other  infrastructure  components, 
Microsoft  is  offering  corporate  users  the  option  to  deploy  a  Key 
Management  Service  (KMS)  internally  to  control  activation  of 
software  and  to  validate  licensing.  Here  are  some  of  the  service's 
requirements  and  characteristics. 

•  Windows  Vista  clients  activate  by  connecting  to  a  central  KMS. 

•  A  single  KMS  supports  hundreds  of  thousands  of  KMS  clients. 

•  Minimum  of  two  KMS  machines  recommended  (one  live,  one  backup). 

•  Clients  must  renew  their  activation  every  180  days. 

•  Clients  get  30-day  activation  grace  period.  After  that,  they  go  into  a  “reduced 
functionality  mode." 

•  At  least  25  physical  Vista  clients  or  five  Longhorn  servers  have  to  be  connected  to 
the  KMS.  Clients  running  on  virtual  machines  don't  count  toward  the  25. 

•  The  KMS  will  not  function  inside  a  virtual  machine. 

SOURCE:  MICROSOFT 


BY  JOHN  FONTANA 

Microsoft  last  week  ported  its 
newest  antipiracy  platform  ser¬ 
vice  to  Windows  Server  2003,  but 
left  out  a  feature  available  on  ver¬ 
sions  for  Vista  and  Longhorn 
Server  that  lets  users  run  the  ser¬ 
vice  in  a  virtualized  environment. 

Without  the  virtualization 
option  for  Windows  Server  2003 
Service  Pack  1  and  higher,  users 
may  have  to  deploy  a  new  sepa¬ 
rate  server  to  run  the  Key 
Management  Service  (KMS)  that 
is  the  center  of  Microsoft’s  corpo¬ 
rate  options  for  its  new  Software 
Protection  Platform  (SPP)  to  com¬ 
bat  piracy 

The  KMS  is  a  network  service 
that  uses  keys  to  validate  and  acti¬ 
vate  Vista  clients,  Longhorn  Server 
and  eventually  other  infrastruc¬ 
ture  pieces, such  as  Exchange  and 
SQL  Server. 

The  lack  of  a  virtualization 
option  contrasts  with  the  KMS  ver¬ 
sions  that  run  on  Vista  or  the  latest 
beta  build  of  Longhorn  Server. 
Both  versions  can  be  run  in  a  vir¬ 
tualized  environment. 


Formats 

continued  from  page  8 

the  industry  and  against  customer 
needs,”  a  company  spokesman 
said  via  e-mail. “Microsoft  will  con¬ 
tinue  to  be  public  in  identifying 
the  ways  that  IBM  is  trying  to  pre¬ 
vent  customer  choice.” 

In  the  open  letter,  Microsoft 
outlines  its  work  on  interoper¬ 
ability  issues  over  the  past  year, 
including  creation  of  its 
Interoperability  Executive  Cus¬ 
tomer  Council,  consisting  of 
senior  CIOs,  and  the  Inter¬ 
operability  Vendor  Alliance, 
which  worked  with  JBoss  and 
Novell  to  build  interoperability 
among  their  products. 

On  Monday,  Microsoft  and 
Novell  outlined  progress  in  their 
relationship  in  terms  of  virtualiza¬ 
tion  technology  and  integration 
of  an  open-source  translator  tech¬ 
nology  that  works  between  Open 
XML  and  ODE 

That  work,  however,  is  drawing 
heat  from  more  than  IBM. 

Some  open  source  advocates 
have  called  for  a  boycott  of  No¬ 
vell,  which  said  it  will  include  the 
open  source  Open  XML  translator 
in  its  next  version  of  OpenOffice. 


Observers  say  the  virtualization 
option  is  a  key  omission  and  is 
either  a  poke  at  users  to  migrate 
or  a  sign  of  things  to  come. 

“Many  [users]  might  not  be 
interested  in  running  a  worksta¬ 
tion  operating  system  [Vista]  in 
their  data  center  or  running  a 
beta  product  [Longhorn  Server]  ” 
says  Josh  Phillips,  the  founder  of 
the  WindowsConnected  blog  and 
an  IT  pro  for  a  company  he  would 
not  disclose.  “Many  enterprise 
users  today  are  using  virtualiza¬ 
tion  technology  to  help  consoli¬ 
date  hardware  in  their  data  cen¬ 
ters.  [Virtual  machines]  help 
reduce  the  cost,  support  and 
maintenance  of  servers.  Now 
someone  who  might  have  been 
planning  to  run  this  in  a  [virtual 
machine]  or  who  already  does, 
has  to  go  out  and  procure  physi¬ 
cal  hardware  for  a  server!’ 

Users  can  migrate  to  get  the  vir¬ 
tualization  options,  or  as  Phillips 
suggests,  the  lack  of  virtualization 
support  in  Windows  Server  2003 
might  be  foretelling  the  future. 

“My  assumption  is  that  the  next 


In  its  letter,  Microsoft  addresses 
document  formats  and  XML,  say¬ 
ing  “We  believe  that  Open  XML 
represents  an  exciting  advance 
toward  achieving  the  original 
vision  of  XML,  where  broad  inter¬ 
operability  allows  documents  to 
be  archived,  restructured,  aggre¬ 
gated  and  reused  in  new  and 
dynamic  ways.” 

Open  XML  is  a  departure  from 
Microsoft’s  practice  with  its  Office 
file  formats,  which  it  has  routinely 
altered  as  Office  has  evolved,  cre¬ 
ating  interoperability  issues  for 
users  with  different  versions. 


Longhorn  Server  will  have  the 
same  limitation,”  Phillips  says. 

Microsoft  could  eliminate  that 
option  in  Longhorn  Beta  3,  which 
is  due  shortly  or  the  final  version 
of  the  server, slated  to  ship  by  year- 
end, and  inSP  1  forVista,  for  which 
a  ship  date  has  not  been 
announced. 

Microsoft  did  not  comment  on 
the  future  of  KMS  and  virtualiza¬ 
tion  within  back-end  infrastruc¬ 
ture,  but  did  say,  “by  design,  KMS 
for  Windows  Server  2003  is  not 
supported  to  run  within  a  virtual 
machine,”  says  Cori  Hartje,  direc¬ 
tor  of  Microsoft’s  genuine  software 
initiative. 

“We  recognize  that  our  cus¬ 
tomers  want  to  take  advantage  of 
virtualization,  which  is  why 
Windows  Vista  client  installations 
running  within  a  virtual  machine 
are  able  to  activate  using  KMS  for 
Windows  Server  2003,”  she  says. 

The  virtualization  limitation  in 
Windows  Server  2003  does  not 
mean  users  are  required  to  buy  a 
new  server.  Users  with  25  or  more 
clients,  or  five  or  more  servers, 


The  letter  goes  on  to  say  that 
Microsoft’s  customers,  especially 
in  the  government  sector,  prefer 
an  open,  standardized  document 
format,  and  the  letter  defends  the 
Ecma  process  that  resulted  in 
Open  XML  standardization. 

Microsoft  uses  the  letter  to 
focus  on  the  comparison  of 
ODF  and  Open  XML, saying, “It  is 
important  to  recognize  that 
ODF  and  Open  XML  were 
created  with  very  different  de¬ 
sign  goals  and  that  they  are 
only  two  of  many  document  for¬ 
mat  standards  in  use  today, 


have  the  option  of  deploying  the 
KMS  internally  as  a  way  to  vali¬ 
date  their  software  instead  of 
using  Microsoft’s  online  validation 
service.  The  recommended  con¬ 
figuration  for  KMS  is  to  have  at 
least  two  versions  running  so  that 


each  of  which  has  characteris¬ 
tics  that  are  attractive  to  differ¬ 
ent  users  in  different  scenarios.” 

Observers  acknowledge  that 
ODF  is  nowhere  near  as  feature 
rich  as  Open  XML. 

“ODF  from  a  feature  stand¬ 
point  is  supporting  a  subset  of 
Open  XML;  there  is  a  ways  to  go 
on  ODF” says  Chris  LeTocq,  prin¬ 
cipal  analyst  at  Guernsey 
Research.  “Even  if  you  are  IBM 
and  you  are  committed  to  ODF 
you  would  also  have  to  support 
Open  XML  if  that  is  what  cus¬ 
tomers  ask  you  to  do.”  ■ 


users  have  redundancy 

KMS  can  run  on  an  existing  serv¬ 
er,  but  experts  say  combining 
other  services  with  KMS  on  a  sin¬ 
gle  box  could  introduce  an  ele¬ 
ment  of  risk  or  instability  for  the 
critical  KMS,  which  determines  if 
clients  and  servers  run  optimally 

KMS  was  introduced  in  October 
last  year  as  part  of  the  SPP  pro¬ 
gram,  which  validates  the  use  of 
genuine  —  that  is,  paid  for  — 
copies  of  Windows  and  to  partial¬ 
ly  cripple  systems  that  don’t  pass 
muster. 

Today,  volume-licensing  cus¬ 
tomers  purchase  software  bits 
and  use  product  keys  to  install 
and  activate  those  bits  on  com¬ 
puters.  Under  SPP  volume-licens¬ 
ing  customers  can  use  a  Multiple 
Activation  Key  to  conduct  a  one¬ 
time  activation  directly  with 
Microsoft  on  desktops,  or  deploy 
KMS  internally  to  perform  the 
same  service. 

Under  KMS,  servers  and  desk¬ 
tops  would  have  to  reactivate 
every  180  days,  excluding  a  30-day 
grace  period  to  correct  any  failed 
activations.  Failure  to  reactivate 
would  send  computers  into  a 
“reduced  functionality  mode.” 

The  KMS  stores  all  keys  encrypt¬ 
ed  in  a  centralized  store,  whereas 
today  those  product  keys  are 
stored  on  individual  computers. 

With  KMS  ported  to  Windows 
Server  2003,  Microsoft  plans  to 
add  KMS  management  features  to 
System  Center  Management 
Server  (formerly  Systems  Manage¬ 
ment  Server).  ■ 


Format  fracas 

Rivals  IBM  and  Microsoft  are  in  another  pitched  battle,  this  time  over  the  future  of  standardized 
file  formats,  specifically  the  OpenDocument  Format  (ODF)  and  Microsoft’s  Open  XML.  Here  is 
a  look  at  some  of  the  strengths  of  both  formats. 


ODF 

Open  XML 

•  Uses  a  mixed  content  model,  which  is  considered  friendlier 
to  developers  than  other  models. 

•  Captures  100%  of  formatting  in  older  Office  documents. 

•  Excel  formula  language  completely  defined,  whereas  ODF 
is  still  working  on  its  Excel  formula  specification. 

•  Uses  existing  standards  for  such  functions  as  drawing, 

equations  and  linking. 

•  Spreadsheet  format  said  to  be  faster  than  ODF  spreadsheet 

•  Separation  of  style  and  content  considered  better  in  ODF 

format. 

than  in  other  formats. 

•  Specification  is  6,000  pages  long. 

•  Specification  is  500  pages  long. 

SOURCE;  WIKIPEDIA.  GROKLAW 

With  Unified  Communications, 
security  is  integrated  and  threats 
are  disintegrated. 

On  the  integrated  network,  security 
is  built  in.  Collaboration  is  highly  secure. 
Proprietary  information  is  proprietary. 
With  Cisco  Unified  Communications, 
security  seamlessly  goes  wherever 
your  network  goes.  All  infrastructure. 

All  applications.  All  devices.  So  your 
people  can  share  freely  -  without  fear 
of  threats.  The  story  continues  at 
cisco.com/integratednetwork. 


welcome  to  .i|iiije< 

the  human  network,  cisco. 
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So  much  for  a  boost  from  video 

Even  though  U.S.  spending  for  video-on-demand  content  is  expected  to  boom 


Internet  streaming  voice  on 
demand  spending  (in  millions) 

2005 

2006 

2007 

2008  2009 

2010 

2011 

CAGR 

$53.5 

$62.4 

$72.5 

$84.0  ,  $97.1 

$111.8 

$128.5 

15.7% 

IPTV  voice  on  demand  spending  (in  millions)  $8.0 

$49.8 

$125.6 

$199.1  !  $294.6 

$395.1 

$525.1 

101.0% 

. . .  carrier  revenue  on 
wavelength  services  to  deliver 
such  content  is  expected  to  stay 
relatively  flat  since  bandwidth 
supply  remains  plentiful. 


Wavelength 

2006  2007  2008  2009 

2010 

2011 

CAGR 

services  revenue  $230 
(in  millions) 

$234  $225  !  $232  j  $240 

$245 

$252 

1.5% 

SOURCE:  INSIGHT  RESEARCH 


Fiber 

continued  from  page  8 

to  50%  per  year  from  100%  or 
more  in  the  heady  days  of  the 
bubble. 

“Back  in  those  days,  everybody 
was  putting  in  as  much  as  they 
could  and  it  made  sense,”  says 
Clif  Holliday  an  analyst  with  In¬ 
formation  Gatekeepers  Inc.  (IG1). 
“There’s  probably  an  awful  lot  of 
excess  fiber  in  the  ground.” 

According  to  IG1,  Internet  traffic 
is  expected  to  grow  45%  to  50% 
per  year  until  2010.  The  major 
feeders  of  traffic  on  the  Internet 
backbone  will  be  high-speed  DSL 
and  cable  modem  broadband 
access  lines,  international  transac¬ 
tions  and  fiber-to-the-premises 
(FTTP)  lines. 

File  sharing  is  a  major  compo¬ 
nent  of  high-speed  traffic,  and  the 
largest  segment  of  file  sharing  is 
video,  according  to  IGI.  But  video 
file  sharing  will  be  dwarfed  by 
FTTP  traffic  in  the  form  of  IPTV 
especially  high-definition  IPTV, 
Holliday  says. 

“Using  digital  delivery  of  HDTV 
is  a  tremendous  bandwidth  hog,” 
he  says.“It  will  overshadow  every¬ 
thing  else  if  the  telcos  do  what 
they  say  they  are  going  to  do,  and 
if  they  are  successful  at  it.” 

AT&T  and  Verizon  are  spend¬ 
ing  billions  of  dollars  laying 
fiber  closer  to  homes  in  order  to 
deliver  TV  and  IPTV  service. 
Verizon  reported  207,000  FiOS  TV 
customers  at  year-end  —  adding 
89,000  in  the  fourth  quarter  — 
and  wants  to  have  its  TV  services 
available  to  sell  to  5  million 
homes  by  the  end  of  2007. 

AT&T  has  less  than  half  as  many 
subscribers  as  Verizon.  AT&T  uses 
Microsoft  software  to  deliver  its 
IPTV  services,  but  there  are  appar¬ 
ent  issues  with  the  software’s  abil¬ 
ity  to  scale  over  millions  of  homes 
while  supporting  high-definition, 
video-on-demand  and  digital 
video  recorder  service.  Invest¬ 
ment  firm  UBS  Warburg  estimates 
AT&T  will  have  93,000  Uverse 
video  subscribers  by  year-end. 

IPTV  will  not  dent  excess  Inter¬ 
net  capacity  per  se  but  will  help 
alleviate  overcapacity  on  specific 
routes  in  the  facilities  of  some  of 
the  largest  carriers  of  Internet  traf¬ 
fic,  Holliday  says. 

Pricing  watch 

As  a  result,  bandwidth  pricing 
could  increase, because  carriers 
will  need  to  purchase  equipment 
to  support  IPTV  across  specific 


fiber  routes  with  a  shortage  of 
capacity  he  says. 

“Somebody  could  say'We’ve  got 
a  lot  more  fiber  than  we  need’  — 
that’s  probably  going  to  be  true 
maybe  forever  —  but  that  doesn’t 
mean  that  we  don’t  need  to  have 
more,”  Holliday  says.  “It  doesn’t 
make  any  difference  how  much 
fiber  you’ve  got  in  total  in  the 
United  States.  If  you  need  to  get 
from  A  to  B,  the  only  thing  that 
makes  any  difference  is  how 
much  you’ve  got  from  A  to  B. 
There  will  be  routes  where  you’ll 
see  major  additions.” 

Global  Crossing  recently  in¬ 
creased  wholesale  and  “selective” 
retail  bandwidth  pricing  by  5%  to 
10%  because  of  “supply  and  de¬ 
mand  equilibrium,”  says  Anthony 
Christie,  director  of  marketing  for 
the  carrier. 

Christie  says  this  equilibrium  is  a 
confluence  of  several  factors.  The 
virtualization  and  Web-ification  of 
enterprise  applications,  industry 
consolidation  and  inexpensive 
broadband  access,  which  enables 
sharing  of  video  files,  play  a  role  in 
the  stabilization  and  increase  of 
bandwidth  pricing,  he  says. 

As  is  the  case  with  Level  3, 
Global  Crossing  finds  that  50%  to 
60%  of  the  traffic  from  its  top  10  IP 
transit  customers  is  “video  driven,” 
Christie  says. 

Level  3  is  seeing  increased  de¬ 
mand  from  YouTube  and  other 
companies  that  are  aggregating 
user-generated  content;  as  well  as 
from  companies  looking  to  offer 
broadcast-quality  content  through 
the  Internet,  such  as  studios  dis¬ 
tributing  DVDs  online,  and  portals 
offering  video  downloads  to  PCs 
or  set-top  boxes. 

Jeff  Tench,  senior  vice  president 
of  offer  management  for  Level  3 
Content  Markets,  also  sees  prices 
for  that  bandwidth  —  be  it  trans¬ 
port  bandwidth,  IP  transit  or  con¬ 
tent  distribution  —  stabilizing 
because  of  higher  demand  from 


users  as  well  as  from  carriers  for 
edge  applications. 

That  higher  demand  has  helped 
absorb  the  capacity  glut,  Tench 
says,  prompting  a  round  of  rein¬ 
vestment  in  the  network.  Level  3 
has  been  investing  in  its  network 
for  the  past  three  years  at  both  the 
wavelength  division  multiplexing 
and  IP  layers,  he  says. 

Level  3  has  also  been  active  on 
the  consolidation  front,  acquiring 
seven  companies  over  the  past 
two  years. 

“If  you  look  at  the  price  for 
bandwidth  five  years  ago  on  a 
unit  basis,  it  was  not  economical 
to  distribute  movies  online, ’’Tench 
says.  “At  the  current  levels,  people 
are  finding  new  opportunities  to 
use  the  Internet  to  shift  an  entire 
industry’ 

Demand  and  upgrade  costs  to 
light  unused  fiber  will  help  stabi¬ 
lize  bandwidth  prices,  says  Eric 
Schoonover,  senior  analyst  at  Tele- 
Geography  He  said  it  would  be  a 
stretch  to  expect  prices  to  in¬ 
crease  based  on  video’s  growth. 

“I’m  not  sure  enterprise  and 
wholesale  customers  would  bear 
an  increase  after  so  many  years  of 
precipitous  declines,"  Schoonover 
says.  “But  I  have  no  doubt  there 
will  be  an  amount  of  stability  that 
hasn’t  been  seen  in  a  few  years,  at 
least.  And  really  in  the  end  it  all 
comes  from  video.” 

Video  is  driving  the  user’s  expe¬ 
rience,  which  is  prompting  pro¬ 
viders  to  buy  more  IP  transit 
bandwidth  to  handle  the  increase 
in  traffic  on  their  long-haul  net¬ 
works,  Schoonover  says.  But  this 
will  not  eat  into  fiber  glut,  he  says. 

“There’s  plenty  of  fiber  in  the 
ground  for  years  to  come,” 
Schoonover  says.  “In  terms  of  the 
long-haul  major  routes,  they  just 
have  so  much  glass  in  the  ground 
that  they’re  just  going  to  put  lasers 
on  either  end  and  call  it  a  day 
Most  of  that  fiber  is  capable  of  sig¬ 
nificant  DWDM  deployments  of 


96  wavelengths  per  fiber  pair.  So 
you’re  getting  almost  a  terabit  of 
data  traffic  per  fiber  pair’’ 

Rosenberg  disagrees.  Carriers 
will  need  to  replace  that  embed¬ 
ded  and  unused  glass  with  newer- 
generation  strands,  he  says. 

“This  is  what  the  industry  has 
waited  for  since  the  1960s,”  he 
says.“Once  you  get  a  mass  market 
for  video  telephony,  that  applica¬ 
tion  is  going  to  continue  to  suck 
up  capacity,  because  whatever 
you  gave  them  last  week  is  not  suf¬ 
ficient:  1  want  better  definition,  I 
want  better  sound,  I  want  better 
quality  in  the  image. 

“It  will  mean  that  the  industry 
will  begin  another  round  of  in¬ 
vestment  with  a  new  generation  of 
glass  and  a  new  generation  of 
optics  to  be  able  to  meet  that 
capacity  demand,”  he  says. 
“Current  unutilized  fiber  will  be 
obsoleted  by  changes  in  technol¬ 
ogy  over  time.” 

What,  then,  is  the  legacy  of  all 
that  unused  fiber  from  the  late 
1990s  and  early  2000s? 

“Telecom  industry  wasted  $100 
billion  putting  down  all  those  re¬ 
dundant  long-haul  fiber  strands,” 
Odlyzko  says.  “One  of  the  great 
tragedies  is  that  if  the  $100  billion 
could  have  been  used  instead  to 
take  fiber  to  the  home,  we  would 
have  had  more  than  half  of  the 
households  in  the  U.S.  wired  up 
with  fiber,”B 
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ADVERTORIAL 


Managing  IP  Telephony 

- Centralized  vs.  Distributed  Architecture - 


Organizations  expect  to  see  cost  savings  from  IP  telephony,  but  according  to  IT  executives,  enterprises  are  actually  increasing  spending  on  these 
implementations.  Security,  application  management  and  growing  use  of  professional  services  are  all  contributing  to  increased  implementation 
costs.  How  are  enterprises  going  to  realize  the  potential  cost  savings  from  their  IP  telephony  investments? 

A  key  decision  is  the  solution  architecture:  Should  it  be  centralized  along  the  data-center  model,  with  a  few  dusters  of  IP-PBXs  coupled  with  remote 
site  gateways?  Or  should  enterprises  deploy  a  distributed  model,  in  which  system  intelligence  is  pushed  out  to  all  locations  equally,  with  little  to 
no  centralized  infrastructure? 


The  Centralized  Approach: 

Leveraging  the  Data  Center  for  Economies  of  Scale 


The  Distributed  Approach: 

Resiliency  and  Cost  Reduction 


In  a  centralized  IP  telephony  architecture,  telephony  servers  reside  within 
data  centers,  along  with  low-cost  branch  gateways  at  remote  sites.  Branch  gate¬ 
ways  provide  PSTN  access  for  off-net  calls  to  and  from  the  branch,  and  some 
basic  survivability  in  the  event  of  a  loss  of  connectivity  to,  or  a  failure  of,  the 
centralized  IP  telephony  servers.  Examples  of  the  centralized  approach  include 
the  Avaya®  S8700,  Cisco®  Unified  CallManager  5.x,  Nortel®  CS21 00  and  Siemens® 
HiPath®  8000. 


An  alternative  to  the  centralized  approach  is  one  in  which  telephony  servers  are 
distributed  to  all  locations.  Each  server  peers  with  each  other  on  an  equal  basis, 
eliminating  single  points  of  failure.  Distributed  architectures  such  as  ShoreTel's™ 
IP  telephony  system  are  highly  scalable — simply  add  another  IP-PBX  and  it  will 
automatically  find  its  peers,  and  share  the  processing  load.  Applications  such  as 
voicemail,  unified  messaging,  and  conferencing  also  are  distributed  within  each 
server  providing  additional  redundancy. 


A  secondary  enterprise  benefit  of  the  centralized  approach  can  be  reduced 
management  costs  as  a  result  of  limiting  the  number  of  devicesand  locating  them 
in  data  centers  that  already  house  .... 

system  administrators. 

But  a  centralized  architecture  is 
not  appropriate  for  all  enterprises. 

Centralized  systems  require  a  great 
deal  of  up-front  resources,  both  to 
architect  an  enterprise-wide  solution, 
as  well  as  to  build  out  the  infrastruc¬ 
ture.  Further,  organizations  often 
need  sophisticated  monitoring  and 
management  tools  that  can  cost  from 
$25,000  for  a  small  company  up  to  $2 
million  for  large,  global  enterprises. 

Perhaps  most  importantly,  the 
centralized  approach  may  not  fit  with 
enterprises  that  have  distributed  IT 
functions  or  IT  infrastructures  across 
lines  of  business. 


Vendor  Cost  Comparison 


ShoreTel 


Nortel 


Avaya 


Cisco 


$0  $50 


$100  $150 

Cost  per  User 


$200  $250 


Above  chart  illustrates  total  operational  costs  (planning,  installing  and  troubleshooting) 
of  IP  Telophony  architecture. 

Source:  Nemertes  Research  Convergence  and  Next-Generation  WAN  Technologies,  February  2006 


In  a  distributed  system  WAN  utilization  is  minimized.  The  local  telephony  server 
sets  up  all  calls  that  start  and  terminate  in  the  same  facility,  without  any  need  to 

utilize  the  WAN.  Thus  the  distributed 
model  may  require  both  less  band¬ 
width  and  reduced  dependence  on 
WAN  architecture. 

Distributed  systems  are  also  gen¬ 
erally  more  reliable  since  complete 
call  processing  is  distributed  to  each 
location.  A  failure  with  PSTN,  WAN  or 
even  a  voice  switch  will  have  limited 
or  no  impact  on  end  user  service  with 
appropriate  equipment  and  configu¬ 
rations  in  place. 

As  shown  in  the  diagram  to  the 
left,  total  cost  of  ownership  can  also 
be  substantially  less  with  a  distributed 
system.  The  decreased  management 
time  and  costs  compare  favorably  to 
the  centralized  approach. 


■  More  than  1 000  users 
□  Less  than  1 000  users 


Conclusion:  Distributed  Architecture  for  Reliability  and  Cost  Savings 

For  most  enterprises,  a  distributed  IP  telephony  system  offers  scalability,  reliability  performance,  and  cost  benefits  when  compared  to  a  centralized 
architecture.  Telephony  systems  based  on  distributed  architectures  have  shown  themselves  to  be  less  expensive  to  plan,  implement,  and  maintain. 
They  protect  an  organization  from  undo  complexity  and  enable  an  easier  migration  to  VoIP  without  an  adverse  impact  on  the  WAN. 


For  more  information  please  read  the  Network  World  Special  Report: 
IP  Telephony  System  Manageability:  Architecture  Matters 

www.networkworld.com/srtel 


Sponsored  by 

©ShoreTel 

ENTERPRISE  IP  PHONE  SYSTEMS 

www.shoretel.com 
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Coalition  Summit  for  IPv6 


are  joining  forces! 


For  the  first  time  ever,  attendees  of  these  world-renowned  events 

can  meet  and  hear  from  both  the  US  and  International  IPv6  communities. 

www.usipv6.com 

Hyatt  Regency,  Reston,  Virginia  Tel:  310-587-3417  email:  info@usipv6.com 


Lt.  General  James  Soligan 

Deputy  Commander,  NATO  Allied 
Command  Transformation 


(I 


United  States  IPv6  Summit 

March  27-28,  2007 

The  US  IPv6  Summit,  the  largest  IPv6 
conference  in  America,  is  the  place 
to  be  to  get  the  latest  status  of 
US  Government  and  Industry 
progress  in  this  quickly 
accelerating  market. 


Coalition  Summit 
for  IPv6 

March  28-29,  2007 


Dr.  Lawrence  G. 
Roberts 

CEO  &  President, 
Anagran,  Inc. 


Major  General 
Dennis  C.  Moran 

Vice  Director  for  Command, 
Control,  Communications, 
and  Computer  Systems  (J6), 
OJCS  United  States  Army 


The  Coalition  Summit  for  IPv6, 
produced  in  cooperation  with  NATO  and 
other  government  organizations  brings 
together  leading  international  military, 
government  and  Industry  IT  executives 
who  will  share  their  visions  and  answer 
your  questions. 


Robert  Cresanti 

Under  Secretary 
(Technology).  US  Dept, 
of  Commerce 


Ulf  Dahlsten 

Director,  Emerging 
Technologies  and 
Infrastructure  -  Applications, 
European  Commission 


Rob  Goode 

Principal  Scientist,  NATO 
Consultation,  Command 
and  Control  Agency 
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Survey  says  shortage  puts 


SAP  workers 


As  firms  compete 
for  scarce  talent, 
salaries  rise 

BY  JON  BRODKIN 

A  shortage  of  skilled  SAP  workers  is  mak¬ 
ing  it  difficult  for  IT  departments  to  fill  jobs 
and  has  caused  the  average  salary  for  cer¬ 
tain  high-level  SAP  professionals  to  rise 
15.6%  in  the  past  year,  according  to  Foote 
Partners. 

A  survey  by  the  consul¬ 
tancy  found  the  average 
base  salary  for  directors  of 
SAP  program  manage¬ 
ment  rose  from  $115,468 
to  $133,500  in  the  calen¬ 
dar  year  that  just  ended. 

This  15.6%  increase  dwarfs 
the  typical  increases  in  IT 
salaries  of  3%  to  5%  a  year, 
says  David  Foote,  CEO  and 
chief  research  officer. 

“That’s  a  monster  figure,” 

Foote  says. 

SAP  the  world’s  largest  enterprise  soft¬ 
ware  company  has  12  million  users  across 
100,600  installations  in  North,  Central  and 
South  America.The  demand  for  employees 
who  can  deploy  and  maintain  SAP  soft¬ 
ware  is  fueled  by  the  company’s  numerous 
products,  from  CRM  tools  to  governance, 
risk  and  compliance  solutions. 

SAP’s  NetWeaver  platform,  which  helps 
companies  deploy  a  service-oriented  archi¬ 
tecture's  one  of  the  latest  factors  requiring 
companies  to  have  a  fleet  of  skilled  SAP 
employees,  Foote  says.  “SAP  is  obviously  a 
juggernaut,  and  they  have  a  huge  install 
base,”  he  says. 

Companies  have  largely  failed  to  develop 
SAP  talent  in-house,  and  a  shortage  of 
skilled  SAP  workers  on  the  open  market  is 
forcing  IT  departments  to  pay  premiums  to 
get  those  few  who  are  available,  according 
to  Foote.  It’s  not  uncommon  for  SAP  jobs  to 
stay  unfilled  for  nine  months,  he  says. 

“When  hiring  developers,  analysts  and 
configurators,  it’s  not  unusual  to  be  faced 
with  having  to  pay  20%  more  to  attract 
them  than  the  people  [companies]  cur¬ 
rently  have  in  those  jobs,"  Foote  says.“That’s 
the  price  you  pay  for  not  having  staffed 
adequately  for  your  needs.” 

Although  there  are  shortages  in  other  IT 
areas,  such  as  project  management,  data¬ 
base  management  and  storage-area  net¬ 
work  (SAN)  administration,  the  hiring  chal¬ 
lenges  seem  to  be  most  prevalent  in  the 
SAP  field,  Foote  says. 

“As  a  category  SAP  seems  to  be  where  we 
find  ...  the  most  complaints,  the  largest 
number  and  the  widest  geographical  distri- 


in  demand 

bution,”  Foote  says. 

Like  the  companies  in  Foote’s  survey,  the 
Massachusetts  Institute  of  Technology  is 
having  problems  finding  SAP  professionals. 

MIT  has  a  staff  of  about  70  SAP  workers 
and  now  has  three  or  four  open  jobs,  one  of 
which  has  been  unfilled  for  more  than  six 
months,  says  Allison  Dolan,  MIT  director  of 
human  resources  and  administration  for 
information  services  and  technology 
Hiring  full-time  employees  is  difficult  be¬ 
cause  many  SAP  work¬ 
ers  prefer  to  work  as 
contractors  or  consul¬ 
tants,  Dolan  says.  They 
like  to  be  involved  in 
development  and  ini¬ 
tial  deployment  but 
are  less  interested  in 
ongoing  support  of 
SAP  systems. 

Dolan  says  she  has 
the  same  problem  find¬ 
ing  employees  to  man¬ 
age  MIT’s  Hyperion  sys¬ 
tems.  “People  who  have  that  skill  are  fairly 
scarce,  and  many  of  them  are  contractors 
or  consultants,” she  says. 

Nearly  every  time  MIT  hires  a  SAP  profes¬ 
sional,  it  is  forced  to  offer  salaries  that  are 
10%  to  20%  higher  than  the  college  origi¬ 
nally  budgeted  for,  Dolan  says. 

SAP  professionals  have  been  able  to  com¬ 
mand  higher  salaries  than  other  IT  workers 
for  at  least  a  few  years,  Dolan  notes,  point¬ 
ing  to  research  completed  by  Hewitt 
Associates  in  the  fall  of  2004. 

SAP  work  was  the  most  lucrative  in  IT  at 
that  time,  exceeding  systems  administra¬ 
tion  salaries  by  25%,  the  survey  found.  SAP 
work  also  paid  more  than  systems  integra¬ 
tion,  data  warehousing,  information  securi¬ 
ty  Web  infrastructure  and  network  engi¬ 
neering. 

While  the  laws  of  supply  and  demand  are 
driving  up  the  price  for  SAP  workers,  apply¬ 
ing  the  term  “shortage”  to  this  situation  may 
be  misleading,  says  Herbert  Lin,  senior  sci¬ 
entist  at  the  Computer  Science  and  Tele¬ 
communications  Board  of  the  National 
Research  Council. 

“If  the  salaries  were  $10  million  a  year, 
there  wouldn’t  be  any  shortage  at  all,"  Lin 
says.  “What  employers  mean  is  T  can’t  find 
enough  people  at  the  wages  I  want  in  order 
to  hire  the  people  I  think  I  need,  so  I’m 
going  to  have  to  raise  wages.’” 

According  to  Foote,  however,  some 
employers  cannot  find  workers  even  when 
they  are  willing  to  raise  salaries.This  is  true 
in  SAP  as  well  as  SAN  administration,  he 
says.  “That’s  another  area  where  we  have 
people  saying ‘I’ve  got  the  money;  we  can’t 
find  the  people,”  Foote  says.H 


SAP  salaries  ahead 
of  the  pack 

Pay  for  143  leading  IT  certifi¬ 
cations  remained  flat,  on 
average,  in  2006.  But  some 
key  SAP  positions  saw 

15.6% 

salary  hikes,  according  to 
Foote  Partners. 


Analyze  the  Future 


JUNE  7-8,  2007 
reserve  your  spot! 

Visit  www.idclTexpo.com 
to  apply  or  call  508.935.471 1 


CONFIRMED  KEYNOTES: 


BILL  BELICHICK 

3-Time  Super  Bowl 
Winning  NFL  Head 
Coach,  New  England 
Patriots 


2nd  Annual  IDC  IT  Forum  &  Expo 


JOHN  F.  GANTZ 

Chief  Research 
Officer,  IDC 


JOHN  P.  KOTTER 

Leadership  Expert, 
Author,  and 
Harvard  Business 
School  Professor 


Real  CIOs,  Real  Success,  Real  Innovation 

We've  gathered  some  of  the  most  innovative  CIOs  in  the  country  to  share  their  success 
stories  and  provide  peer-driven  solutions  to  the  challenges  you  face  as  a  CIO.  Topics  to 
be  covered  include: 


The  Next  Generation  Data  Center 

Scott  Miggo,  VP  of  Technology  Solutions, 
Nationwide  Insurance 

John  Hinkle,  CIO,  Trans  World  Entertainment 


How  to  Focus  Your  IT  Organization 
on  Having  High  Business  Value 

Peter  J.  Whatnell,  CIO,  Sunoco,  Inc. 


The  Case  for  Innovation 

Guido  Sacchi,  CIO,  CompuCredit 


Management  Manifesto 

Frank  Gens,  Senior  VP  for  Research,  IDC 


Combating  Data  Theft 

Darryl  Lemecha,  CIO,  ChoicePoint 


Legacy  Modernization 

Richard  McCormack,  Senior  Vice  President, 
Fujitsu 


Crafting  Your  Strategic  Sourcing  Plan 

Joseph  Drouin,  VP  &  CIO,  TRW  Automotive 


The  CIO  Summit  is  complimentary  to  qualified  CIOs  and  seating  is  limited.  Each  applicant's  credentials 
are  individually  reviewed  to  ensure  a  true  peer  experience.  Visit  www.idclTexpo.com  to  apply  or 
call  Glede  Kabongo  at  508.935.4711. 


For  CIO  Summit  sponsorship  information,  please  contact  Elizabeth  Cutler  at  ecutler@idc.com  or 
508.935.4790.  Only  two  sponsorship  siots  are  left  for  the  summit  so  call  today. 
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IDC  IT  FORUM  EXPO 


IT-enabled  Business  Transformation 
From  Vision  to  Reality 
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B  NETWORK  EXECUTIVES  SHARE  THEIR  WISDOM 


Ton 

continued  from  page  8 

How  does  the  company's  growth  affect  the  IT  department? 

When  I  first  arrived,  there  were  225  desktops.  We  are 
closing  in  on  450  desktops. We  have  around  40  servers 
that  are  in  our  data  center  at  Intech  Park  [in  Indian¬ 
apolis].  What  we’ve  done  on  the  server  side  is  to  look  to 
consolidation.  It’s  the  whole  idea  of  growth  with  down¬ 
sizing  in  mind.  If  we  bring  in  a  new  application,  we  don’t 
automatically  bring  in  a  new  server.  We  try  to  consoli¬ 
date,  use  virtual  servers,  that  sort  of  thing.  Negotiating  vol¬ 
ume  discounts  and  better  service  levels  is  getting  easier. 
Now  we  are  big  enough  to  carry  some  weight  with  our 
vendors,  and  we  have  the  Lauth  name  that  is  becoming 
nationwide.  We  signed  an  enterprise  agreement  with 
Microsoft  that’s  providing  a  lot  of  benefit  to  us  as  we 
continue  to  grow. 

What  are  your  staffing  plans  for  IT? 

At  the  time  I  joined,  we  had  15.  Now  we  have  20.  We’ve 
got  some  other  positions  that  we  plan  on  filling  in  2007, 
which  would  take  us  to  a  total  of  23  or  24. 1  don’t  believe 
we  will  grow  much  beyond  that.  What  we  are  trying  to  do 
is  to  put  controls  in  place  so  we’re  not  growing  linearly 
with  the  company.  We’re  putting  technology  in  place  so 
we  can  support  more  with  fewer  people.  I  went  through 
five  years  of  downsizing  at  Thomson,  so  I’m  trying  to  bring 


those  lessons  learned  to  a 
growing  company  We  are 
growing  with  downsizing  in 
mind. 

What  are  the  top  challenges  you 
face  in  managing  the  company's 
growth? 

One  is  the  speed  at  which 
we  need  to  react.  We ’re  trying 
to  be  more  proactive  as  we  go 
forward.  We  spend  a  lot  of 
time  managing  new  associ¬ 
ates  when  they  come  on  and 
providing  the  training  that’s 
associated  with  the  technol¬ 
ogy  Another  part  of  managing  growth  is  continually  look¬ 
ing  at  our  application  portfolio.  We  have  outgrown  some 
of  our  packages,  and  we  need  to  look  for  products  that 
are  a  little  more  robust.  We’re  also  trying  to  rationalize  our 
software  portfolio  as  we’ve  grown.  With  the  influx  of  new 
associates  that  we’ve  had  in  the  past  few  years,  everybody 
comes  in  with  their  favorite  package  that  they  want  to 
use. 

If  someone  wanted  to  copy  your  idea  and  grow  with  downsizing 
in  mind,  what  would  you  suggest? 

This  philosophy  has  to  do  with  how  you  grow  both 
human  resources  and  technology  resources.  When  you’re 
looking  at  human  resources, you’ve  got  to  leverage  exter¬ 
nal  resources  wherever  you  can, such  as  contractors  and 
consultants. You  have  to  decide  what  knowledge  and  skill 
you  want  to  own  vs.  what  knowledge  and  skill  you  want  to 
get  from  the  outside. You  want  to  introduce  technology 
that  not  only  supports  the  departments  but  supports  the 
IT  staff  as  well, so  they  are  able  to  support  more  with 
fewer  people. You  need  to  standardize  on  your  desktop 
and  laptop  equipment  and  your  cell  phones.  It’s  easier  to 
support  a  standard  desktop.  It’s  about  server  consolidation 
and  software  portfolio  rationalization. You  need  to  edu¬ 
cate  [people]  about  why  you  don’t  want  five  different  soft¬ 
ware  packages  that  do  mapping  analytics.  It’s  not  the  cost 
of  the  software;  it’s  the  support  on  the  back  end  that  adds 
up.  It’s  about  getting  the  message  early  that  the  business 
isn’t  always  going  to  grow  at  the  pace  that  it’s  growing 


Getting  personal:  Jeff  Ton 


Organization: 

Title: 

Responsibilities: 

Tenure: 
Previous  jobs: 


Annual  IT  budget: 

IT  staff: 

Last  good  management 
or  IT  book  read: 

First  experience  with 
the  Internet: 

IT  setup  at  home: 


Lauth  Property  Group 

Vice  President  of  Enterprise  Processes,  Information  &  Technology. 

Oversees  a  unit  that  used  to  be  three;  it  includes  project  management,  desktop  and 
server  support,  and  IT  infrastructure. 

Since  March  2006 

Held  various  posts  with  consumer  electronics  giant  Thomson,  including  director  of 
enterprise  services  centers  and  applications  manager.  Previously  worked  as  a  software 
and  computer  consultant  and  programmer. 

$5  million 

20 

The Oz Principle  by  Roger  Connors,  Tom  Smith  and  Craig  Hickman.  It’s  about  improving 
team  accountability. 

"I  was  a  mainframe  dinosaur.  The  first  time  I  used  the  Internet  was  in  the  mid-1990s. 
I  was  at  home  doing  research." 

A  standard  desktop  with  a  broadband  cable  connection  and  wireless. 


The  things  you  won’t  find  in  print  Read  an  expanded  version  of  the  interview,  www.nwdocfinder.com/7439 


today  When  it  plateaus,  the  pressure  on  overhead  costs  is 
going  to  increase.You  don’t  want  to  stick  your  head  in  the 
sand  and  pretend  that’s  not  coming,  because  it  is. 

Describe  your  IT  strategic  planning  process. 

We  ran  the  strategic  planning  process  for  four  months 
last  year.  Our  goal  was  to  not  only  catch  up  to  the  growth 
that  Lauth  is  going  through  but  to  get  in  front  of  it.  We 
looked  at  what’s  going  to  be  needed  five  years  down  the 
road.  We  were  wrestling  with  how  to  describe  what  we 
were  trying  to  convey  to  the  [management  team]  .which 
doesn’t  know  servers  and  networks  and  doesn’t  care  to 
know  them.  We  got  the  idea  that  building  an  IT  infrastruc¬ 
ture  was  much  like  building  a  building,  so  we  put  that 
theme  into  our  process.  We  had  an  introduction  to  our 
strategic  plan  that  was  a  set  of  blueprints.  One  of  the  doc¬ 
uments  that  Lauth  uses  to  make  its  investment  decisions  is 
called  a  final  investment  memo.  Our  whole  strategic  plan 
was  put  into  the  format  of  a  final  investment  memo.  We 
had  our  strategic  plan  divided  into  phases  like  site  work, 
foundation,  core,  tenant  improvement  and  future  expan¬ 
sion  —  those  types  of  things  that  are  typical  in  real  estate 
development. We  used  the  same  terminology  that  the  guys 
who  are  making  the  decisions  to  fund  this  strategic  plan 
were  used  to  hearing.  It  was  very  well  received  by  the 
Executive  Forum.  We  went  through  in  pretty  minute  detail 
what  we  were  trying  to  do  and  why  we  were  trying  to  do 
it.  It  was  approved  in  September. 

How  much  money  did  you  ask  for  in  the  IT  strategic  plan? 

We  didn’t  ask  for  a  particular  dollar  amount.The  plan 
says  that  if  we  are  going  to  get  from  Point  A  to  Point  B,we 
are  going  to  have  to  increase  IT  funding  forever.  We  asked 
for  an  increase  in  the  IT  budget  as  a  percentage  of  rev- 
enues.The  industry  norm  is  about  2.1%. We  were  at  0.8%. 
The  plan  moves  us  from  0.8%  to  1 .5%. We  didn’t  ask  for 
2.1%  because  we  think  that  if  we  do  this  whole  thing  with 
downsizing  in  mind,  we  can  achieve  the  same  value  from 
IT  at  1.5%  that  other  companies  do  at  2.1%. 

How  does  innovation  fit  into  your  IT  strategy? 

When  you  look  at  Gartner’s  continuum  of  IT  value, you 
start  at  the  very  left  side  with  utility  and  you  go  all  the  way 
to  the  right  side  with  profit  generator. We’re  trying  through 
our  strategic  plan  to  move  from  left  to  right.  We  are  look¬ 
ing  at  how  a  traditional  IT  department  can  add  value  to 
the  product  side  of  the  house,  which  is  building  buildings. 
We  can  help  Lauth  build  buildings  to  support  [emerging 
technology.]  Smart  buildings,  green  buildings.  I’m  trying  to 
figure  out  where  they  fit  in  Lauth’s  business  model  and 
whether  there  are  problems  that  our  department  can  be 
solving.  Obviously  if  you  want  to  build  wireless  into  a 
building,  you  want  to  make  sure  that  the  materials  you  are 
using  don’t  prohibit  the  wireless  signals.Those  are  the 
types  of  things  where  our  expertise  could  be  beneficial. 

You  don't  like  to  talk  about  business-IT  alignment  Why? 

We  don’t  build  IT  systems.  We  build  buildings.  When  we 
presented  the  IT  strategic  plan  to  the  IT  department,  we 
handed  everyone  a  hard  hat.This  was  something  I  wanted 
to  drive  home  to  our  team.  We’re  trying  to  take  the  whole 
business-alignment  concept  out  of  our  everyday  thinking 
and  out  of  our  terminology  We  try  very  hard  not  to  refer  to 
“the  business.”  We  are  the  business.  We  refer  to  the  other 
departments,  but  we  try  not  to  create  a  situation  where  it’s 
the  business  versus  IT.The  business  departments  are  hun¬ 
gry  for  us  to  provide  new  ideas  from  a  technology 
prospective.  1  really  believe  that  from  an  IT  guy’s  perspec¬ 
tive,  this  is  a  once-in-a-lifetime  opportunity  B 
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white  papers  within  the  next  90  days  for  FREE! 
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We  take  "what  ifs"  and  turn  them  into  "so  whats." 


Setting  a  new  standard  in  data  center  operational  excellence 


Our  revolutionary  vendor  neutral  methodology  for 
designing,  deploying,  and  operating  data  centers 
allows  you  to  deal  with  the  major  issues  that 
plague  today's  data  center  managers:  unexpected 
growth,  blade  server  deployment,  heat  in  the 
data  center,  and  increased  operating  expenses. 

We've  made  operational  excellence  the  new 
reality,  where  you  can  deploy  standardized,  modular 
components  and  integrate  repeatable  processes 
in  a  manageable,  predictable  environment.  APC  is 
the  only  company  with  the  engineering  innovation 
to  meet  the  data  center  requirements  of  today  and 
tomorrow.  We  eliminate  data  center  "what  ifs"  by 
bringing  you  visionary  solutions. 

Whether  you're  re-designing  a  data  center,  building 
a  brand  new  facility,  or  experiencing  issues  like  the 
ones  we've  described,  we  can  help.  Call  or  visit  us 
on  the  Web  at  www.apc.com/promo  today  and 
enter  the  key  code  below  for  more  information. 


P  =  Power  Cooling  R  =  Racks 


Modular  technology 

Only  pay  for  the  power  and  cooling  that  you  need  with  our 
"pay  as  you  grow "  building-block  approach  to  configuration. 
This  scalable  solution  allows  you  to  quickly  deploy,  configure, 
and  maintain  our  hot-swappable  components. 


Close-coupled  cooling  method 

Bringing  the  AC  into  the  row,  closer  to  the  source 
of  heat  generation,  reduces  the  distance  cold  air 
needs  to  travel  (50  feet  down  to  5  feet)  and  dramatically 
reduces  mixing  of  hot  and  cold  air  streams.  The  net 
result  is  more  efficient  cooling  and  lower  total  running  cost. 


Thermal  containment  options 

Put  the  cap  on  heat  and  eliminate  expensive  temperature 
cross-contamination  with  innovative  thermal  containment 
options  for  rack  and  full  aisle  configurations. 


NetBotz®  surveillance  products 

Protect  the  physical  security  of  your  data  center  from  threats 
before  they  lead  to  downtime.  Beceive  up-to-the  minute  reporting 
on  environmental  and  physical  conditions  with  the  NetBotz 
remote  monitoring  system. 


Data  Center  University®  online  courses 

Web-based,  modular  courses  tackle  today's  data  center  design,  deployment  and  operational  issues. 
Learn  from  some  of  the  world's  leading  data  center  experts  at  www.datacenteruniversity.com 


See  how... 


Choose  and  download  any  3  APC  white  papers 
within  the  next  90  days  for  FREE! 


Visit  www.apc.com/promo  Key  Code  r557x  •  Call  888.289.APCC  x381 1  •  Fax  401.788.2797 
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AN  INSIDE  LOOK  AT  TECHNOLOGIES  AND  STANDARDS 


Understanding  delta  compression 


Top  five  benefits  of  session  layer  delta  compression 

1.  Very  high  compression  ratios:  Compression  ratios  of  100:1  on  repeat  file  transfers  are  possible. 

2.  Protocol  agnostic:  Session  layer  delta  compression  provides  acceleration  benefits  for  all  application 
protocols. 

3.  Provides  benefit  during  file  edits:  Delta  compression  accelerates  the  transfer  of  modified  files. 

4.  Access  control/security  left  intact:  Session  layer  delta  compression  is  transparent  and  therefore 
compatible  with  an  existing  security  infrastructure. 

5.  Never  delivers  stale  data:  Delta  compression  sends  all  requests  to  the  server. 


BY  SAXON  AMDAHL 

While  WAN-compression  solutions 
have  been  around  for  years,  new  com¬ 
pression  advances  have  resulted  in  pre¬ 
viously  unheard  of  gains  in  bandwidth 
savings.  Delta  compression,  commonly 
referred  to  as  segment  caching  or  byte 
caching,  leverages  pattern-matching 
techniques  and  large  persistent  dictio¬ 
naries  to  dramatically  reduce  the 
amount  of  data  sent  across  the  WAN. 

Delta-compression  systems  are  sym¬ 
metric,  which  means  they  require  com¬ 
ponents,  either  software  or  hardware,  on 
both  ends  of  the  network.  In  almost  all 
cases,  the  server-side  component  is  a 
dedicated  appliance  and  the  client-side 
component  is  a  software  module 
installed  on  the  PC  or  an  appliance 
deployed  in  the  data  path. 

Software  client-based  systems  have  the 
advantage  of  requiring  hardware  on  only 
one  side  of  the  link,  making  the  approach 
suited  for  deployments  in  which  there  are 
only  a  few  users  per  location.  However, 
this  flexibility  comes  at  a  cost.  Client- 
based  compression  systems  are  limited  in 
that  they  operate  only  on  the  data  sent  to 
that  particular  client.  A  file  downloaded 
by  a  client  therefore  provides  no  benefit 
to  other  users.  Furthermore,  client-based 
compression  systems  require  an  addi¬ 
tional  download  during  initial  application 
access.  This  download  degrades  first- 
access  performance. 

WIDE-AREA  NETWORKING 

Subscribe  to  our  free  newsletter. 
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While  appliance-to-appliance  delta 
compression  requires  hardware  at  both 
ends  of  the  network,  it  offers  significant 
performance  advantages  over  client- 
based  deployments.  First,  appliance-to- 
appliance  delta  compression  allows 
cross-user  benefit.  When  one  user  down¬ 
loads  a  file,  the  transferred  bytes  can  be 
used  to  compress  the  same  file  when  it  is 
requested  by  a  second  user.  Additionally, 
symmetric  appliance  deployments  have 
no  first-transfer  penalty  because  no 
client  code  has  to  be  installed.  Finally, 
symmetric  appliance  deployments  pro¬ 
vide  benefits  not  found  in  client-based 
systems,  such  as  QoS  capabilities. 

In  addition  to  hardware  and  software 
deployment  techniques,  delta-based 
compression  can  be  achieved  at  differ¬ 
ent  network  layers.  Some  systems  oper¬ 
ate  at  lower  layers  of  the  OS1  model, 
while  others  operate  at  higher  layers.The 
layer  of  operation  has  a  significant 
impact  on  compression  effectiveness. 

IP-  or  TCP  Packet-based  (Layer  3  or  Layer 


4)  compression  systems  buffer  packets 
that  are  then  compressed  one  at  a  time  or 
as  a  group  and  sent  to  the  decompressor. 
The  primary  problem  with  Layer  4  com¬ 
pression  is  that  it  compresses  packets  indi¬ 
vidually  or  mixes  different  data  types 
together.  Both  of  these  options  negatively 
affect  the  final  compression  ratio. 

One  alternative  to  packet-level  com¬ 
pression  is  application  layer-based 
(Layer  7)  compression.  This  approach 
involves  buffering  the  server’s  response 
and  then  computing  a  delta  between  the 
current  response  and  a  reference 
response.This  reference  response  can  be 
thought  of  as  a  typical  response  for  the 
current  request. 

This  approach  improves  compression 
ratios  by  extending  the  scope  of  the 
delta  operation  from  the  packet  to  the 
entire  application  response,  but  limits 
the  benefits  to  one  protocol. 
Furthermore,  application-layer  compres¬ 
sion  only  performs  a  delta  between  a 
single  reference  response  and  the  cur¬ 


rent  one.  As  a  result,  the  amount  of  data 
that  can  be  drawn  from  is  limited,  which 
dramatically  impacts  overall  compres¬ 
sion  ratios. 

The  ideal  compression  solution  oper¬ 
ates  at  the  session  layer  (Layer  5).  This 
allows  it  to  apply  compression  across  a 
completely  homogeneous  data  set  while 
addressing  all  application  types. 
Furthermore,  session  layer  operation 
eliminates  packet  boundary  limitations. 
This  makes  it  easier  to  find  long  matches 
in  the  datastream. 

Overall,  the  most  critical  consideration 
when  comparing  delta-compression  sys¬ 
tems  is  throughput.  While  achieving  a 
high  compression  ratio  is  important, 
maximum  throughput  is  vital  to  improv¬ 
ing  application  performance.  Delta- 
compression  systems  often  achieve 
compression  ratios  of  95%  or  higher.  To 
fully  translate  this  bandwidth  reduction 
into  performance,  the  system  needs  to 
operate  at  20  times  the  WAN  speed. 

In  conclusion,  the  performance  gains 
from  a  given  compression  technology 
can  be  assessed  by  considering  the  tech¬ 
nology’s  expected  compression  ratio,  the 
devices’  peak  compression  throughput 
and  the  network  bandwidth.  Too  low  a 
compression  ratio  and  the  network  will 
remain  saturated  and  performance  gains 
will  be  minimal.  Similarly,  too  low  a  com¬ 
pression  speed,  and  the  compression 
device  itself  becomes  the  bottleneck. 

Amdahl  is  a  technical  marketing  man¬ 
ager  at  F5  Networks.  He  can  be  reached  at 
s.amdahl@f5.com. 
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By  Steve  Blass 


What  options  exist  for  presenting  multiple 
remote  RSS  feeds  on  a  single  Web  page  in 
order  to  publish  a  shared  news  portal  on  a 

Web  site? 

There  are  a  number  of  free  RSS  feed-conversion 
Web  services,  such  as  www.rss-to-javascript.com, 
where  you  can  type  in  the  Web  address  for  an  RSS 
feed  to  get  a  copy  of  JavaScript  code  that  you  can 
put  in  a  Web  page  to  retrieve  and  display  the  up¬ 
dated  feed  when  the  page  is  visited.  These  services 


typically  route  feed  requests  through  their  own  RSS 
gateway.  If  you  are  using  a  content-management  sys 
tern,  check  whether  your  software  already  supports 
publishing  news-aggregation  pages  on  the  Web  site. 
If  you  use  Macromedia  Dreamweaver,  an  extension 
is  available  from  www.rnsoft.com  for  placing  RSS 
feeds  inside  Web  pages.  You  can  find  a  source-code 
example  of  using  JavaScript  to  retrieve  and  display 
RSS  content  from  your  own  server  at  www.nwdoc 
finder.com/7326. 

AJAX  JavaScript  is  limited  to  requesting  informa¬ 


tion  from  the  server  from  which  the  page  was 
loaded,  so  displaying  remote  feeds  requires  a  gate¬ 
way  program  or  proxy  service  on  the  Web  server  to 
retrieve  content  from  remote  systems.  The  free  RSS 
Display  Boxes  software  from  www.dynamicdrive.com 
uses  PHP  on  the  server  and  JavaScript  on  the  client 
browser  to  support  the  placement  of  multiple  RSS 
feeds  in  HTML  DIV  sections  on  Web  pages. 


Blass  is  an  IT  manager  in  Phoenix  and  can  be  reached 
at  dr.internet@jschnee.com. 


By  2010,  the  increase  in  expense  to  power  and  cool  servers  is  projected  to  be  approximately  four  times  the 
increase  in  new  server  spending.1  The  IBM  System  x3655  Express  can  help  control  rising  energy  costs  starting 
today.  How?  It  comes  with  an  ingenious  technology  called  PowerExecutive^  which  allows  you  to  allocate 
power  to  each  server,  helping  to  optimize  and  save  you  money.2  Only  IBM  has  it.  The  x3655  is  just  one  of 
many  Express  systems  designed  for  business  performance  computing.  With  IBM,  innovation  comes  standard. 
So  why  waste  energy  on  anything  else? 


AUTOMATICALLY  PUTS 
YOUR  BUSINESS  INTO 
ENERGY-SAVING  MODE. 


IBM  System  x3655  Express 

Mission-critical  availability  and  performance  in  an  affordable  package. 


Monitor  power  consumption  and  allocate  power  where  needed  with  PowerExecutive 
64GB  maximum  low-power  DDR2  memory _ 

Choose  flexibility  and  robust  I/O  configuration  with  IBM  extended  I/O _ 

Featuring  the  Next-Generation  AMD  Opteron™  processor  with  AMD  PowerNow!™  technology 
Limited  warranty:  3  years  on-site3 

From  $2,359*  or  $61/month 


AMDCl 


Opteron 


'All  prices  are  IBM's  estimated  retail  selling  prices  as  of  January  16, 2007.  Prices  may  vary  according  to  configuration.  Resellers  set  their  own  prices,  so  reseller  prices  to  end 
users  may  vary.  Products  are  subject  to  availability.  This  document  was  developed  for  offerings  in  the  United  States,  IBM  may  not  offer  the  products,  features,  or  services 
discussed  in  this  document  in  other  countries.  Prices  subject  to  change  without  notice  Starting  price  may  not  include  a  hard  drive,  operating  system  or  other  features. 
Contact  your  IBM  representative  or  IBM  Business  Partner  lor  the  most  current  pricing  in  your  geography  1 .  Based  on  "IDC.  'The  Impact  of  Power  and  Cooling  on  Data  Center 
Inlrastmcture.'  Document  #201722,  May  2006,"  page  six,  which  highlights  that  a  rapidly  rising  server  installed  tee  is  projected  to  drive  an  increase  in  the  cost  ot  power  and 
cooling  over  the  next  live  years.  2.  PowerExecutive  can  help  save  power  during  periods  ot  lower  utilization.  3.  IBM  hardware  products  are  manufactured  from  new  parts,  or 
new  and  serviceable  used  parts.  Regardless,  our  warranty  terms  apply.  For  a  copy  ol  applicable  product  warranties  visit:  ibm.com/servers/support/machine_warrarities 
or  write  to:  Warranty  information.  P.O.  Box  12195,  RTP.  NC  27709,  Attn:  Dept.  JDJA/B203.  IBM  makes  no  representation  or  warranty  regarding  third-party  products  or 
services,  including  those  designated  as  SetverProven  or  ClusterProven.  Telephone  support  may  be  subject  to  additional  charges.  For  on-site  labor.  IBM  will  attempt  to 
diagnose  and  resolve  the  problem  remotely  before  sending  a  technician.  On-site  warranty  is  available  only  for  selected  components.  4  IBM  Global  Financing  offerings  are 
provided  through  IBM  Credit  LLC  in  the  United  States  and  other  IBM  subsidiaries  and  divisions  worldwide  to  qualified  commercial  and  government  customers.  Monthly 
payments  provided  are  tor  planning  purposes  only  and  may  vary  based  on  your  credit  and  other  factors.  Lease  offer  provided  is  based  on  a  FMV  lease  of  36  monthly 
payments.  Other  restrictions  may  apply.  Rates  and  offerings  are  subject  to  change,  extension  or  withdrawal  without  notice.  Information  about  non-IBM  products  is  obtained 
trom  the  manufacturers  of  those  products  or  their  published  announcements.  IBM  has  not  tested  those  products  and  cannot  confirm  the  performance,  compatibility,  or  any 
other  claims  related  to  non-IBM  products.  Questions  on  the  capabilities  ol  non-IBM  products  should  be  addressed  to  the  suppliers  ol  those  products.  5.  Remote  Supervisor 
Adapter  (RSA)  It  SlimLine  can  enhance  your  ability  to  manage  your  server  via  an  active  network  connection  to  the  server  as  well  as  through  an  optional  dedicated  network 
connection  to  the  RSA  !l  SlimLine.  To  manage  servers  in  different  locations,  you  must  have  http  ot  WAN  access  to  the  server  via  the  RSA  II  SlimLine.  6.  Offer  subject  to 
the  complete  terms  of  the  IBM  Remote  Supervisor  Adapter  Promotion  Otter  can  be  withdrawn  by  IBM  al  any  time  without  notice.  IBM,  the  IBM  logo,  PowerExecutive  and 
System  x  are  trademarks  or  registered  trademarks  ol  International  Business  Machines  Corporation  in  the  United  States  and/or  other  countries.  AMD.  the  AMD  logo,  AMD 
PowerNow!  and  AMD  Opteron  are  trademarks  ot  Advanced  Micro  Devices,  Inc.  Other  company,  product  and  service  names  may  be  trademarks  or  service  marks  ol  others. 
©2007  IBM  Corporation  All  rights  reserved. 


30%  OFF  IBM  REMOTE 
SUPERVISOR  ADAPTER  II 
SLIMLINE 

Remote  control:  Manage  a  server 
from  a  different  floor.  A  different 
building.  Or  a  different  city 6 
With  an  advanced  yet  simplified 
remote  management  system  for 
IBM  System  x™  servers.  Now  at 
30%  off  through  March  30? 


ibm.com/ 

systems/innovate65 


1  866-872-3902 
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Andreas  Antonopoulos 


Does  it  take  200 
products  to  secure 
the  enterprise? 

Visiting  the  recent  RSA  ’07  security  confab,  I  tried  to 
embrace  the  fact  that  this  security  conference  is  no 
longer  an  insiders’  gathering,  and  tried  to  put  myself  in 
the  shoes  of  a  newbie  to  figure  out  what  I  should  pay  atten¬ 
tion  to  in  a  new  security  job. 

The  first  mistake  1  made  as  a  newbie  was  to  wear  new 
shoes:  ouch. The  second  was  to  try  to  take  all  of  the  show 
in.  If  you  accept  the  premise  that  security  should  be  holistic 
and  not  about  silver  bullets,  then  the  RSA  show  floor  was  a 
big  bucket  of  silver  bullets. 

Hundreds  of  features  disguising  themselves  as  products, 
loudly  touting  the  latest  scare:“Did  you  know  there  are 
ogres  lurking  in  this  obscure  part  of  your  infrastructure? 
Anti-OGRE!”  It  was  difficult  to  see  what  the  big  new  theme 
for  security  is  in  2007. 

If  1  were  to  take  each  offering  at  face  value,  what  would 
I  need  to  deploy  in  my  enterprise  to  secure  against  all 
these  threats?  Viruses,  worms,  rogue  wireless,  stolen  iden¬ 
tity  leaked  secrets,  privilege  escalation,  zombie  armies  — 
none  of  these  is  outside  the  scope  of  the  threats  an 
enterprise  faces. 

I  would  put  in  six  to  seven  appliances  around  every 
switch,  a  few  more  in  front  of  my  egress  routers  and  a  cou¬ 
ple  dozen  servers  in  the  data  center  to  crunch  all  the 
data.  I  would  have  a  management  console  for  each  prod¬ 
uct  and  a  separate  set  of  policies.  All  of  the  different  prod¬ 
ucts  would  send  a  stream  of  logs  and  reports  to  as  many 
as  a  dozen  consoles. 

The  security  industry  is  suffering  from  an  innovation 
model  that  is  driven  by  an  arms  race.  Let’s  face  it,  most  of 
the  R&D  that  matters  is  done  by“them.”The  security  innova¬ 
tion  is  almost  always  reactive. 

So  every  now  and  then,  as  new  threats  emerge,  a  dozen 
start-ups  pop  up  to  address  that  one  tiny  niche.  It  takes 
about  a  year  or  two  for  these  smaller  companies  to  be 
acquired  and  integrated  into  monolithic  security  suites. 

And  the  cycle  continues. 

While  this  model  may  work  for  the  industry,  it  doesn’t 
seem  to  work  for  the  customers  who  report  feeling  insecure 
and  are  getting  breached  despite  billions  of  dollars  of 
spending  over  a  decade  and  a  half. The  missing  ingredient 
is  not  integration,  but  interoperability  This  industry  needs  to 
replace  single-vendor,  tightly  coupled  integration  with  multi¬ 
vendor,  protocol-based  interoperability 

Antonopoulos  is  a  senior  vice  president  and  founding 
partner  at  Nemertes  Research,  an  independent  technology 
research  firm.  He  writes  Network  World’s  security  column 
and  data  center  newsletter.  He  can  be  reached  at 
andreas@nemertes.  com. 


Fix  for  Windows  problem 

Regarding  Mark  Gibbs’  latest  Unfathomable 
Windows  Problem:  “How  does  Windows  and  its 
Start  menu  get  screwed  up  to  the  point  where 
opening  the  Start  menu  and  clicking  on  Programs 
or  Settings  results  in  the  playing  of  the  Windows 
alert  sound  and  nothing  else?”  (www.nwdocfind 
er.com/7421):There  is  a  simple  fix  for  this  problem. 

Remove  the  system  drive,  place  it  in  a  working 
Windows  system  and  back  up  all  files.  Replace  the 
drive  and  reformat  it.  Reinstall  Windows,  download 
and  apply  48MB  of  security  and  bug 
patches.  Download  and  install  hardware  drivers. 
Reinstall  all  applications.  Download  and  apply 
application  updates.  Copy  backed-up  user  profile 
and  documents  into  the  myriad  of  appropriate  12- 
level-deep,  nested  folder  locations.  Locate  and 
rename  the  Hatten  Bold  font  file  (Microsoft  actu¬ 
ally  had  me  do  this  to  fix  a  failed  Office  upgrade). 
Buy  a  Mac  and  migrate  your  files  to  the  Mac. 

Dell  tech  support  informs  me  that  another  possible 
fix  is  the  Initialize  Array  command,  which  they  rec¬ 
ommend  early  and  often. 

Jim  Magruder 
Network  engineer 
Digital-DNS 
Greenville,  S.C. 

Inside  job 

Regarding  “The  7  best  practices  for  network  secu¬ 
rity  in  2007”  (vvww.nwdocfinder.com/7422):Yes, it’s 
important  to  lay  out  corporate  security  policies, 
but  these  days  that’s  just  not  enough  to  protect 
organizations  from  inside  threats.  Data  theft  and 
internal  security  breaches  through  the  use  of 
portable  storage  devices,  such  as  iPods,  USB  sticks 
and  digital  cameras,  are  on  the  rise  and  can  catch 


organizations  with  their  pants  down. 

Moderated  lockdown  of  a  network’s  endpoints  is 
vital, and  organizations  should  consider  investing  in 
a  good  endpoint-security  package. 

Edward  Lansink 
Cary  N.C. 

eBook  reader 

Regarding  Mark  Gibbs’  Gearhead  column  “Almost 
as  good  as  paper”  (www.nwdocfinder.com/7423):  1 
use  my  Palm  TIX  and  its  eReader  program  to  read 
eBooks.  I  am  not  sure  if  this  is  a  proprietary  format, 
but  I  find  the  2  l/8-by-3  1/8-inch  rotatable  screen 
very  easy  to  read.There  are  four  font  sizes,  even  the 
smallest  of  which  is  easy  to  read.  The  program  in¬ 
cludes  all  the  expected  reader  features,  including 
bookmarks,  searches  and  management  of  multiple 
books.  I  have  downloaded  and  read  dozens  of 
books,  and  enjoy  reading  ebooks  on  my  Palm. 

As  the  font  or  orientation  is  changed  on  the  Palm, 
the  book  is  reformatted,  and  all  bookmarks  remain 
at  their  proper  location.  I  find  it  very  handy  to  have 
several  books  right  in  my  pocket,  ready  for  when  I 
have  some  free  time  to  read. 

One  of  the  interesting  features  is  that  the  pur¬ 
chased  and  downloaded  eBook,  available  through 
the  Palm  eBook  portal,  is  secured  with  the  credit 
card  number  used  to  purchase  the  book.  This  pre¬ 
vents  someone  from  passing  the  file  around. 

What  features  would  I  like?  A  bigger  screen  would 
be  nice,  but  that  would  defeat  the  original  purpose 
of  the  pocket-size  Palm  TIX.  I  would  like  to  see  more 
books,  new  and  old,  available  in  eBook  format. 

Bob  Ackerman 
Kirksville,  Mo. 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief,  Network  World,  1 18  Turnpike  Road,  Southborough,  MA  01 772. 
Please  include  phone  number  and  address  for  verification. 
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The  telework  effect 


BY  ANN  BEDNARZ 

Growing  numbers  of  employ¬ 
ees  are  becoming  teleworkers,  at 
least  part  time.  Just  in  the  last  two 
years  the  number  of  Americans 
whose  employer  allows  them  to 
work  remotely  at  least  one  day 
per  month  increased  63%  to  12.4 
million,  according  to  a  report 
from  WorldatWork,  an  interna¬ 
tional  association  of  human 
resources  professionals. 

I  wondered  what  that  means  for 
enterprises’  WAN  optimization 
and  application  acceleration 
strategies. 

Home  work 

In  the  last  two  years,  the 
number  of  Americans  whose 
employer  allows  them  to  work 
remotely  at  least  one  day  per 
month  increased  63%  to 

12.4  million. 

SOURCE:  WorldatWork 


Certainly  a  trend  among  ven¬ 
dors  has  been  to  create  perfor¬ 
mance-enhancing  technologies 
geared  for  smaller  corporate  sites. 
So-called  “branch  in  a  box”  appli¬ 
ances  from  Blue  Coat  Systems 
and  other  vendors  combine 
server  and  WAN  optimization 
controller  (WOC)  functions  to 
boost  application  availability  and 
response  time  for  remote  employ¬ 
ees  who  need  access  to  centrally 
run  systems  and  processes. 

These  appliances  are  intended 
for  installation  in  multiple  distrib¬ 
uted  sites  where  IT  assistance  is 
likely  scarce,  so  it  seems  feasible 
for  a  company  to  deploy  such  a 
device  in  the  home  of  a  full-time 
telecommuter  who  needs  better 
performance. 

But  that  logic  doesn’t  hold  true 
for  the  armies  of  employees  who 
only  intend  to  telework  occa¬ 
sionally  —  one  day  per  month  is 
hardly  justification  for  placing  an 
acceleration  device  in  the  home. 


nww.com 

In  your  in-box 

Sign  up  for  this  or  any  of  Network 
World's  many  other  e-mail  newsletters. 
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To  tackle  this  population,  ven¬ 
dors  such  as  Intelligent  Com¬ 
pression  Technologies  and  Stam¬ 
pede  Technologies  are  offering 
WAN  optimization  software 
geared  for  laptops  and  consumer 


broadband  connections.  Gartner 
predicts  the  industry  will  see 
growth  in  such  “soft  WOC  clients” 
that  allow  single  remote  PC  users 
to  take  advantage  of  key  WAN 
optimization  capabilities. 


These  products  are  still  in  the 
early  stages,  for  the  most  part, 
and  it  remains  to  be  seen  how 
quickly  they  might  catch  on.  I’d 
be  interested  in  hearing  from 
early  adopters  who  have  found 
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a  solution  for  boosting  WAN  per¬ 
formance  for  home-based  and 
mobile  employees. 

If  you’d  like  to  share  your 
experience,  please  send  your 
comments  my  way.  ■ 


Witness  network  history. 


Use  the  past  to  solve  the  present. 

For  problem  resolution  rely  on  the  Network  Instruments®  GigaStor™ 
appliance.  Everything  is  recorded — every  packet,  every  protocol,  every 
transaction  for  hours,  days,  even  weeks.  Go  back  in  time  to  determine  not 
only  when  the  application  went  down  but  why. 

Resolve  intermittent  problems,  track  compliance,  isolate  VoIP  quality 
issues,  and  more  on  the  most  complex  WAN,  Gigabit,  and  10  GbE 
networks.  Turn  back  the  clock  with  the  GigaStor.  After  all,  those  who  fail  to 
study  history  are  doomed  to  repeat  it. 


GigaStor:  Get  proof.  Take  action.  Move  forward. 
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Innovative 

shifting,  these  New  Dc 
Center  wares  are  tops 


BY  JOANNE  CUMMINGS 


ructure  3 


.  U ; _ It _ 4-4 _  Few  New  Data  Center  archi¬ 

tects  need  an  introduction  to 
VMware  server-virtualization 
software,  but  some  might  not  be 
familiar  yet  with  the  latest  version 
— VMware  Infrastructure  3  (VI3),  which  offers 
increased  power  for  virtual  machines,  upping  the  sym¬ 
metric  multiprocessor  support  from  two  to  four  proces¬ 
sors  and  increasing  the  overall  memory  limit  from  4G 
to  16GB.  Additionally, V13  rounds  out  storage  support 
with  iSCSI  and  network-attached  storage  interfaces. 

The  VirtualCenter  management  tool  also  has  be¬ 
come  significantly  better  with  the  new  release.  It  now 
supports  resource-pooling  and  automated  distribu¬ 
tion  of  server  and  storage  resources  on  the  fly.  Plus,  it 
now  includes  a  distributed-resource  scheduler  that 
load-balances  and  distributes  resources  to  virtual 
machines,  and  VMware  HA,  a  high-availability  fea¬ 
ture  that  moves  and  restarts  virtual  machines  off 
failed  hardware. Longtime  user  Bruce  McMillan, 
manager  of  emerging  technologies  at  Solvay 
Pharmaceuticals  in  Marietta,  Ga.,  says  he  especially 
likes  the  latter  feature.“In  the  past,  if  an  ESX  Server 
went  down,  I’d  have  to  go  into  VirtualCenter  and 
manually  start  up  another  one,”  he  says.“With  VI3 
and  HA,  it’s  all  automated. That’s  huge.” 


i. _ VJL _ LI .  What  if  you  could  move  and 

access  data  as  quickly  and  as  eas- 
\  \  ily  as  you  can  deploy  a  virtual 

machine?  That’s  the  idea  behind 
Tangosol’s  Coherence.The  software, 
which  runs  on  most  commodity  servers,  provides  in¬ 
memory  data  management  for  high-transaction  appli¬ 
cations,  thus  eliminating  delays  that  might  result  from 
fetching  data  from  a  disk  or  storage  area  network. 
Because  Coherence  runs  on  multiple  servers  in  a 
fault-tolerant,  clustered  fashion,  as  you  add  or  remove 
servers,  the  cluster  dynamically  reorganizes  itself  and 
all  the  information  that  it’s  managing  "says  Cameron 
Purdy, Tangosol’s  CEO. That  information  is  virtualized 


Over  the  last  three  years,  the  New  Data  Center  concept 
has  reached  star  status' ‘*$4  and  deservedly  so.  The  flexibil¬ 
ity,  reliability  and  resiliency  enabled  by  foundational  New 
Data  Center  technologies  such  as  automation  and  virtual¬ 
ization  have  let  enterprises  usher  in  big  cost  savings,  much 
improved  productivity  and  cool  business  differentiators. 


In  this  first  of  our  six-part,  fourth  annual  New  Data  Center 
series,  we  take  a  stroll  down  the  concepts  walk  of  fame.  It 
all  starts  with  technological  innovation,  which  we  highlight  at 
the  right,  with  a  look  at  10  of  the  best  products  to  fall  under 
the  New  Data  Center  marquee,  and  inside,  on  page  29, 
with  a  selection  of  advanced  open  source  wares. 


UJf  course,  the  walk  of  fame  features  stellar  examples  o 
enterprise  best  practices  and  more.  Beginning  on  page 


*  Best  practices  for  building  a  Linux  grid. 

Top  tips  for  implementing  an  enterprise 
service-oriented  architecture. 


f\  heads-up  on  a  great  IN 
Center  career  opportunity 


*  A  status  report  on  how  automated  IT 
is  today. 


Even  more  on  the  New  Data  Center  is  available  online 
-^www, nWw.com/supp/2Q07/ndc1.  At  this  special 
site/  you  can  participate  in  forums,  get  the  latest  expert 
insight,  use  our  extensive  archive  to  search  New  Data 
Centeir  topics  and  more. 


As  2007  unfolds,  well  be  highlighting  more  great  New 
Data  Center  technologies,  case  studies  and  expert  advice. 

I 

Stay,  tuned  for  our  look  at  the  latest  in  security  technologies 
and  trends,  including  the  growing  specter  of  the  insider 
threat,  coming  in  the  March  19  New  Data  Center  issue. 
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across  those  servers,  making  it  available 
to  applications  seamlessly  as  needed. 

Wachovia  Bank,  a  financial  services 
firm  in  Charlotte,  N.C.,  is  making  good 
use  of  Coherence’s  on-demand  capabil- 
ities.The  bank  uses  another  best  prod¬ 
uct,  DataSynapse’s  FabricServer,  to  virtu¬ 
alize  its  Java  applications  across  the 
enterprise  and  to  broker  computing 
supply  and  demand,  ensuring  that  each 
job  is  performed  by  the  best  resource 
(www.nwdocfinder.com/7523). 

“But  FabricServer  can’t  leverage  the 
memory  of  many  machines  at  once,  and 
it  doesn’t  synchronize  the  data.  I  need 
that  kind  of  transactional  capability  and 
management,  and  Coherence  solves  that 
problem,”  says  Tony  Bishop,  director  of 
product  management  at  the  bank.  With 
Coherence,  performance  has  improved 
by  as  much  as  100  times,  Bishop  says. 


DataSynapse’s 
FabricServer  is  all 
about  matching 
processing  needs  to 


Tangosol's  Coherence  provides  data 
virtualization  across  multiple  servers. 


SERVER  2 


computing  resources  on  the  fly  The  soft¬ 
ware  provides  a  control  layer  that  acts 
as  a  broker  between  applications  and 
their  computing  resources,  essentially 
virtualizing  applications  so  they  can  be 
processed  by  the  best  available  re¬ 
source.  A  centralized  broker  in  the  soft¬ 
ware  employs  user-defined  rules  to 
determine  that  allocation.  If  an  applica¬ 
tion  is  deemed  time-sensitive  and  mis¬ 
sion-critical,  for  example,  a  rule  would 
determine  that  it  be  processed  only  by 
the  fastest,  most  powerful  servers  in  the 
data  center.  Software  on  each  pooled 
resource  communicates  with  the  central 
server  to  identify  available  CPU  memory 
and  processing  power,  says  Shayne 
Higdon,  a  DataSynapse  vice  president. 

“If  I  have  memory-,  CPU-  or  I/O¬ 
intensive  stuff,  but  I  know  I  have  a 
better  machine  over  here  that  could 
run  it  faster  than  what  it’s  on,  I  can 
just  allocate  it  there,  since  I’m  vir¬ 
tualizing  the  demand  and  match¬ 
ing  it  up.  FabricServer  understands 
that  a  service  can  change  its  size  and 
shape  at  different  times  of  the  day, 
week  or  month,  and  adjust  for  that,” 
says  Wachovia’s  Bishop. 

“The  [Coherence-FabricServer]  tech¬ 
nology  combination  has  exponential 
impact  in  terms  of  performance  and 
time  to  market,”  Bishop  says.“Not  only 
do  you  drive  efficiencies,  but  you  can 
deliver  new  business  capability  in  a 
dynamic,  real-time  manner.  It  changes 
the  whole  paradigm.” 


Primary  Data 
Logical  Data 
Backup  Data 


— +~  ,  As  much 
of  a  bless¬ 
ing  as 

mobility  can 
be,  keeping  track 
and  resources 
the  network  can 
2.  Newbury  tackles  the 
with  Presence 
based  on  the  firm’s 

The  appliance 
vendor’s  wireless  LAN 
device  sporting  a 


Newbury's  Location  Appliance  helps  keep 
track  of  nonstationary  assets. 


WLAN  card.  It  also  tracks  items  more 
specifically  via  radio-frequency  tags. 
Newbury  provides  key  applications 
including  location-based  content  pro¬ 
visioning;  or  users  can  use  Presence 
Platform  to  build  custom  applications. 

“Customers  build  different  rules 
about  what  kinds  of  wireless  devices 
can  be  active  where,  and  then  they  can 
control  access  to  the  network  based 
on  where  users  are,”  says  Brian 
Wangerien,vice  president  of  marketing 
at  Newbury. “So  in  a  hotel,  you  can  pro¬ 
vide  different  access  and  billing 
whether  you’re  in  a  conference  room,  a 
lobby  or  on  the  concierge  floor’ 

Martin  van  der  Meer  is  the  informa¬ 
tion  adviser  at  Medisch  Centrum 
Alkmaar  (MCA), a  hospital  in  the 
Netherlands.  MCA,  which  has  a  Trapeze 
Networks  WLAN,  uses  the  Newbury 
appliance  to  blanket  its  1,200  users 
and  200  wireless  devices,  such  as  lap¬ 
tops  and  PDAs.  By  integrating  location 
information  with  the  Electronic  Nurse 
File  patient-tracking  system,  the  hospi¬ 
tal  makes  sure  each  nurse  matches  up 
with  the  right  patient. “With  Newbury, 
the  nurses  get  a  short  list  of  patients  in 
our  Electronic  Nurse  File,  depending 
on  which  room  they  are  in  at  the 
time, ’’van  der  Meer  says.  A  nurse  selects 
a  patient  and  accesses  the  relevant 
medical  records,  rather  than  having  to 
scan  a  bar  code  on  a  patient  wristlet. 


Storage  virtual¬ 
ization  became  a 
lot  more  inter¬ 
esting  last  Sep- 
/  J  tember,  when 
Incipient  launched 
its  iNSP  software. 

Running  on  a  storage  blade  within  a 
Cisco  director-level  switch,  the  software 
offers  data  migration  between  hetero¬ 
geneous  and  tiered  storage  environ¬ 
ments,  all  while  the  arrays  are  online. 

Although  storage  vendors  have  been 
offering  similar  wares,  until  now  they 
worked  only  within  their  own  switches 


and  arrays. 

By  moving  the  storage 
intelligence  off  the  array  and 
onto  the  network  in  a  vendor-agnostic 
way,  and  by  allowing  live  data  migra¬ 
tion,  Incipient  opens  many  options  for 
its  customers. 

Bart  McDonough,  director  of  systems 
architecture  at  a  hedge  fund  in  Stamford, 
Conn., has  been  beta-testing  iNSP 
“Incipient  allows  us,  behind  the  scenes 
and  in  real  time,  to  migrate  data  over  to 
another  array  We  can  get  all  the  storage  off 
Array  A,  do  maintenance,  power  it  down, 
do  firmware,  test  it  and  make  sure  it’s 
good, all  before  we  start  moving  the  sys¬ 
tems  back  to  it.  And  the  production  appli¬ 
cations  aren’t  affected.  It’s  great,”  he  says. 

As  much  as  he  likes  the  high  availabil¬ 
ity,  which  makes  no  array  a  single  point 
of  failure,  the  productivity  factor  is  what 
sold  him,  McDonough  says.“Bringing 
down  one  of  our  big  arrays  for  mainte¬ 
nance  . . .  requires  a  lot  of  coordination, 
and  a  lot  of  weekend  work  for  my  staff. 
With  Incipient,  all  of  this  could  be  done 
during  the  workday  That’s  a  huge  pro¬ 
ductivity  hit  we  could  avoid.” 


In  large  orga¬ 
nizations  with 

V  /  multiple  data  cen- 
ters,  inventorying 
which  systems  and 
applications  are  running  where  — -  and 
how  they’ve  changed  —  can  be  a  monu¬ 
mental  task.Tideway  Systems’  Foundation, 
a  configuration  management  database- 
based  application  discovery-and-mapping 
tool,  provides  that  information  and  more 
on  a  daily  or  even  hourly  basis. The  agent¬ 
less  tool  finds  every  application  instance 
—  whether  known  to  IT  or  not  —  and 
maps  it  to  any  application  dependencies 
on  the  network,  showing  users  at  a  glance 
what’s  running  and  what’s  changed.With 
that  information,  users  can  make  proac¬ 
tive,  intelligent  decisions,  knowing  in 
advance  the  effects  of  any  changes  they 
may  make. 

Tideway  “helps  us  manage  change  and 
improves  our  ability  to  spot  and  analyze 
problems  across  the  environment," says 
Stephen  Ashton,  London  CIO  at 

See  Pr  oducts,  page  ?.£ 
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ikM  Windows  Server2003 


For  all  stories  go  to 


WINDOWS  SERVER  TAKES 
CHECKERED  FLAG  OVER  LINUX 


Tom  Nagy  for  The  Highly 


THE  CONTIDROM,  CONTINENTAL  AG’s  storied  test  track  located  near  Hanover,  Germany. 
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Microsoft 


www.microsoft.com/getthefacts 


New  System  Gives 
Global  Automotive  Supplier 
99.9%  Reliability 

By  MICHAEL  BETTENDORF 

HANOVER,  Jan.  2007  -  “We  needed  rock- 
solid  reliability,  and  we  weren’t  getting  it  from 
our  legacy  infrastructure,”  says  Paul  Schwefer, 
CIO  at  Continental  AG,  one  of  the  world’s  largest 
automobile  suppliers  with  over  85,000  employees 
worldwide.  Inadequate  management  tools  made  it 
difficult  for  Schwefer’s  team  to  keep  system  uptimes 
at  the  high  levels  expected  at  Continental  AG,  so  a 
change  in  platform  was  necessary. 

Initially,  a  Linux  solution  was  considered. 
However,  after  a  thorough  evaluation,  Schwefer’s 
team  determined  that  Linux  could  not  deliver  the 
reliable,  predictable  environment  Continental  AG 
required.  Instead,  they  chose  Microsoft*  Windows 
Server*  2003. 

With  key  features  of  Windows  Server  2003 
such  as  group  policy  management,  Schwefer 
found  clear  advantages  over  a  Linux-based 
solution.  “Windows  Server  provides  a  reliable 
environment  with  centralized  administration  and 
management,”  said  Schwefer,  who  believes  that 
superior  manageability  leads  to  high  reliability. 
“Duplicating  this  level  of  service  in  a  Linux-based 
environment  would  have  been  very  difficult  and 
more  costly,”  he  says. 

The  decision  has  proven  successful:  Since 
the  implementation,  Windows  Server  2003 
has  provided  99.9%  reliability  in  a  distributed 
environment  for  Continental  AG.  For  the  full 
Continental  AG  case  study,  plus  other  case 
studies  and  independent  research  findings  on  the 
reliability  of  Windows  Server  versus  Linux,  visit 


BREAKING  NEWS:  Reliability  linked 
to  cheerfulness  in  IT  professionals 


In  a  trend  with  global  implications,  IT  profession¬ 
als  such  as  Continental  AG  CIO  Paul  Schwefer 
show  obvious  signs  of  exuberance  (see  above)  due 
to  high  Windows  Server  reliability. 


"Windows  Server  provides  a  reliable 
environment  with  centralized 
administration  and  management. 
Duplicating  this  level  of  service  in  a 
Linux-based  environment  would  have 
been  very  difficult.  ” 

—  Paul  Schwefer,  CIO,  Continental  AG 


microsoft.com/getthefacts 

'  RELIABILITY  NEWS  &  NOTES:  A 


SD  GROWTH:  More  and  more 


ENTERPRISE-CLASS  SPAM,  VIRUS 
and  WEB  FILTERING  SOLUTIONS 


Prices  starting  at  $  1,499  with  no  per  user  license  fees , 


Powerful.  Easy  to  use.  Affordable. 

Over  40,000  organizations  worldwide  trust  our  award¬ 
winning  security  appliances  -  Barracuda  Spam  Firewalls, 
Web  Filters,  and  IM  Firewalls  -  to  protect  their  networks 
from  malicious  attacks  spawned  through  email,  Web 
browsing,  and  instant  messaging. 


For  high-volume  server  applications,  we've  introduced  the 
Barracuda  Load  Balancer  -  designed  to  deliver  powerful  IP 
load  balancing  and  network  intrusion  prevention  at  an 
affordable  price.  Like  all  of  our  appliances,  configuration  is 
simple  and  operation  is  virtually  maintenance-free. 


—w- »» 1.1.4 

. 

FREE  EVALUATION  UNITS  AVAILABLE 

www.barfacuda.com  or  1 -888-ANTI-SPAM 
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—  GF  THE 
\  NEW.  DATA  CEI 


Dresdner  Kleinwort,  a  global  investment 
banking  firm.  Ashton  says  he  scans  his 
environment  weekly  but  could  do  it  on 
a  daily  basis  if  necessary 


\ 

How  do  you 
control  cus¬ 
tomers  sprinkled 
all  over  the  Inter¬ 
net  and  outside  your 
environment,  and  make  sure  the  per¬ 
formance  and  service  levels  they  re¬ 
ceive  meet  your  expectations?  The 
Linux-based  Tealeaf  CX  network  appli¬ 
ance  monitors  HTTP  and  Secure-HTTP 
streams,  then  “sessionizes”  that  data, 
correlating  user  requests  and  network 
responses  to  build  a  single-user  view 
of  an  individual  Web  session,  the  com¬ 
pany  says.  IT  sets  alarms  and  thresh¬ 
olds,  and  is  notified  when  users 
receive  site  errors.  In  addition,  a  “play¬ 
back”  capability  lets  IT  view  exactly 
what  a  Web  customer  did  and  saw 
throughout  a  session. This  lets  Web 
businesses  focus  their  time  on  only  the 
biggest,  most  money-losing  errors. 
Esurance,  an  automobile  insurer,  uses 
Tealeaf  in  testing  new  features  before 
they  go  live,  in  troubleshooting  site 
problems  and  in  customer  service. 
“Using  Tealeaf,  we  can  look  up  by  an 
e-mail  address  or  different  identifiers 
and  pull  the  session  and  replay  it.  It’s 
like  a  miniature  movie.  It’s  invaluable 
for  troubleshooting,”  says  Marj  Hutch¬ 
ins,  director  of  Internet  operations  at 
the  San  Francisco  firm. 


ite  Software^ 


/I 


had  to  query  the  data 
sources  and  combine 
the  results  using  a  J2EE  application, 
which  would  have  been  difficult.” 


L 

X 

Continuous 
data-protection 
products,  which 
perform  live  data 
backups  without  affect¬ 
ing  performance,  and  archive  the  data  so 
it’s  easy  to  retrieve,  have  become  a  New 
Data  Center  staple.  NearFbint  uses  an 
agentless  technology  called  transaction 
log-shipping  to  capture  every  e-mail,  docu¬ 
ment  and  file  in  an  Exchange  system.  Self- 
service  features  let  users  retrieve  email 
without  IT  intervention.“We  looked  at  sev¬ 
eral  archiving  products,  and  Mimosa  was 
ahead  of  the  game,”  says  Andrew  Gahm, 
network  architect  for  IS  at  Virtua  Health  in 
Marlton,  N.J.“Everyone  else  was  using  jour¬ 
naling  for  archiving,  which  isn’t  the  most 
effective  way  to  archive  your  email  be 
cause  it  misses  so  much.  Mimosa’s  log¬ 
shipping  captures  every  bit  of  detail  that’s 
in  your  email,  without  impacting  your 
Exchange  server? 


Whether  their 
legacy  data¬ 
bases  and  sys¬ 
tems  are  ready 
or  not,  enter¬ 
prises  are  moving  to 
virtualized  environments.  Composite 
Information  Server  (CIS)  works  to  vir¬ 
tualize  data  queries,  letting  companies 
cull  data  from  various  repositories 
without  going  through  lengthy  integra¬ 
tion  or  data-warehouse  initiatives.  A 
multithreaded  Java  application,  CIS 
noninvasively  accesses  data  from  dis¬ 
parate  sources;  combines,  abstracts 
and  simplifies  it;  and  delivers  it  via 
Web  services  or  relational  views. 

Enterprise  Architect  Gary  Lien  uses 
CIS  to  provide  a  single  view  of  mem¬ 
bers  of  Life  Time  Fitness,  a  health  club 
company  in  Eden  Prairie,  Minn. “We 
can  build  a  single  view  of  data  from 
our  cafes,  spas  and  club  point-of-sale 
systems.  Without  CIS,  we  would  have 


>  Just  because 
you  know  an  IP 
address  is  gener¬ 
ating  malicious 
traffic  doesn’t  mean 
you  can  pinpoint  the  cause  of  the  prob- 
lem.AlO’s  IP-to-ID  Service, working  with 
the  company’s  IDSentrie  appliance,  eases 
the  identification  of  network  users  and 
devices,  and  cuts  the  time  it  takes  to  iden¬ 
tify  and  correct  problems.  IDSentrie  drops 
on  a  network,  establishes  links  to  its  direc¬ 
tory  services,  and  creates  a  virtual  data 
store  to  view  those  directories.  Once  a 
device  or  user  authenticates  to  a  direc¬ 
tory  the  service  takes  that  directory  infor¬ 
mation  and  correlates  it  with  the  media- 
access-control  address  and  IP  address  to 
develop  accurate  identity  information  for 
the  user  at  that  IP  address  —  in  real  time. 

The  service  is  relatively  inexpensive,  and 
its  simplicity  is  the  real  selling  factor,  says 
Asad  Sarabi,vice  president  of  IT  and 
logistics  at  Eton  in  Palo  Alto,  Calif.“When  I 
see  my  network  is  slow  or  1  have  a  prob¬ 
lem,  with  A10  I  can  easily  within  10  or  15 
minutes  max,  pinpoint  what  application, 
user  and  device  are  the  cause.” 

Cummings  is  a  freelance  writer  in  North 
Andover,  Mass.  She  can  be  reached  at  jocum 
mings@comcast.  net. 
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These  tools  offer  an  affordable  path  to 
some  of  the  best  emerging  technologies 

BYJENMIFER  MCADAMS 

The  open  source  movement  is  fertile  ground  for  creating  advanced  tools 
and  technologies  —  all  at  an  appealing  price.  We’ve  scoured  the  market  to 
find  six  open  source  projects  that  hold  promise  for  your  New  Data  Center 
architecture.  They  offer  automated  provisioning,  intrusion  detec¬ 
tion,  grid  storage,  network-attached  storage,  messaging  for  a 
i service-oriented  architecture  (SOA )  and  secure  telephony. 


Distributor: 
What  it  is: 


What  it  does: 


What  the 
experts  say: 
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Distributor: 
What  it  is: 
What  it  does: 


Cleversafe,  www.cleversafe.com 


spersed  Storage 


Grid  storage  software  and  a  managed  service. 


Backs  up  data  using  a  public  grid  over  the  Internet  and 
managed  storage  facilities. 

Provides  data  backup  by  slicing  up  each  data  unit 
(files,  for  example)  and  sending  the  slices  to  as  many 
as  1 1  locales. 

Increases  the  chances  that  attacks  or  deficiencies  in  data 
storage  won’t  compromise  enterprise  data  in  its  entirety 
because  information  is  spread  across  multiple  locations. 


FreeNAS:  The  FreeNAS  Server,  www.freenas.org 


Network-attached  storage  (NAS)  software  developed  using 
FreeBSD  6  Unix. 

•  Lets  ordinary  PCs  act  as  NAS  servers. 

•  Provides  NAS  services,  including  file  sharing  via  Common 
Internet  File  System,  FTP  and  Network  File  System. 

“If  you’re  looking  for  a  good-enough  NAS  system,  FreeNAS 
gets  praise  from  several  people,”  says  analyst  Michael  Cote  at 
market  analysis  firm  RedMonk.  Cote  is  tracking  FreeNAS  as  it 
makes  its  way  to  official  Version  1.0  status,  at  which  point  he 
believes  the  software  will  hold  real  promise  for  the  enter- 
prise.Tt  supports  or  is  planning  on  supporting  a  wide  array 
of  protocols,  authentication  stores  and  monitoring.  Once 
FreeNAS  reaches  1.0  and  has  been  road-tested,  it  has  the 
real  potential  to  be  an  open  source  alternative  to  commer¬ 
cial  NAS  providers,”  he  says. 


What  yo 
should  ki 


ou 

now: 


Currently  available  only  as  a  beta  release,  although  the 
latest  version  (0.68)  packs  such  new  features  as  experi¬ 
mental  RAID  data-storage  functions  and  bug  fixes. 
Accommodates  DeltaCopy  open  source  backup  utility 
software. 

Includes  no  management  features,  such  as  SNMP  or  net¬ 
work  alarm  monitoring. 

No  commercial  support  available. 

NASlite  is  a  related  commercial  project  aimed  at  smaller 
businesses  considering  modifying  fixed  disk  drives  and 
turning  older  PCs  into  NAS  file  servers. 


What  the 
experts  say: 


“There  are  different  types  of  applications  that  can  use  this  type 
of  storage.  However,  Cleversafe  founders  openly  admit  that  the 
public  grid  is  not  yet  ready  to  support  transaction-oriented 
applications,  because  performance  may  not  meet  the  require¬ 
ments  of  these  types  of  applications. Those  wishing  to  hold  off 
on  the  public  grid  experience  may  opt  for  an  internal  storage 
grid  using  Cleversafe’s  grid  client  and  server  software,”  says 
Illuminata  analyst  John  Webster,  who  names  Cleversafe  as  a 
company  to  watch  among  new  storage  service  providers. 


Distributor: 

1 

What  it  is: 
What  it  does: 


GNU  Telephony,  wiki.gnutelephony.org 


A  series  of  development  tools,  libraries  and  programs  for 
creating  telephony  applications,  such  as  secure  VoIP  calling. 


What  you 
shoula  know: 


First  alpha  version  was  released  in  April  2005;  an  addi¬ 
tional  release  is  likely  before  March. 

Uses  information-dispersal  algorithms  that  parse  the  data 
being  backed  up  into  data  slices  that  are  stored  sepa¬ 
rately  but  can  reunite  easily 

Protects  against  data  loss  if  one  location  goes  down, 
because  only  a  majority  of  the  slices  are  needed  to 
restore  the  data,  developers  say 
An  API  connects  to  applications,  including  open 
source  backup  tools  BackupPC,  Bacula  and  Amanda. 
Integrates  with  commercial  backup  solutions,  such  as 
Symantec’s  Veritas  BackupExec  and  NetBackup.and 
EMC’s  Legato  Networker. 

Suitable  as  spare  storage  capacity  or  a  backup 
alternative. 


Works  with  the  open  source  telephony  server  GNU 
Bayonne  to  inject  telephony  into  existing  applications. 
Introduces  secure  VoIP  calling  functions  in  the  real-time 
protocol  (RTP)  stack  and  at  the  application  level  through 
specification  protocols  XML-Remote  Procedure  Call  and 
Simple  Object  Access  Protocol. 

Lets  users  manage  their  own  encryption  keys  and  there 
by  engage  in  end-to-end  encrypted  communications. 


What  the 
experts  say: 


“For  all  intents  and  purposes,  open  source  VoIP  technolo¬ 
gies  can  today  do  the  same  thing  as  proprietary  systems. 
Technologies  like  GNU  Telephony  provide  innovative  tools 
for  building  low-cost  telecommunications  infrastructures, 
demystifying  technologies  and  fostering  waves  of  technolog¬ 
ical  revolution,” says  Sascha  Meinrath,  executive  director  of 
the  CUWiN  Wireless  Project,  a  nonprofit  that  promotes  com¬ 
munity-owned  networks. 


What  yo 
shoula  ki 


ou 

now: 


•  Includes  GNU  Common  C++  framework  to  support 
threading,  sockets,  file  access  and  other  custom  services. 


Future  releases  will  focus  on  applications  for  telecenters 
and  new  libraries,  and  on  platforms  with  which  enter¬ 
prises  can  create  and  deploy  telephony  applications, 
interoperates  with  compliant  RTP-  and  Session 
Initiation  Protocol-based  devices,  phones  or  services, 
though  it  is  not  necessary  to  make  the  entire  infra 
structure  RTP-compliant. 

Several  Linux  VoIP  softphones  incorporate  GNU’s  RTP 
stack,  including  the  Twinkle  client. 

Works  with  open  source  PBXs  Asterisk,  OpenPBX  and 
FreeSwitch. 

Tycho  Softworks  provides  commercial  support  for 
Bayonne  and  GNU  Telephony 


Adjusts  server  loads  dynamically  in  r 
response  to  usage. 

Redeploys  applications  during  maintenance  and  other 
periods  of  downtime,  and  provides  automatic  failover  if 
a  server  dies. 


What  the 
experts  say: 


“If  something  happens  to  our  production  application  or  ker¬ 
nel  or  physical  machine,  openQRM  deprovisions  and 
reboots  the  node  and  brings  up  a  spare  node  using  the 
same  image  and  IP  address.Total  downtime  is  three  min¬ 
utes.  We  are  able  to  react  quickly  to  application  issues  as 
they  occurs  says  John  Shaw,  vice  president  of  operations  at 
Tradeware  Global,  an  electronic  trading  solutions  company 
in  NewYork.The  company  has  used  the  open  source  tool 
extensively  —  harnessing  openQRM  to  15  IBM  x336  servers 
—  to  help  provide  connectivity  for  major  financial 
exchanges  in  40  countries. 


First  release  was  in  January  2006;  openQRM  3.1.2  fol¬ 
lowed  on  Dec.  28. 

Integrates  with  infrastructure  software,  including 
VMware  virtualization  products  and  Nagios  monitoring 
solutions. 

Plug-in  capabilities  let  users  add  components  via  Java, 
PHP  and  other  scripting  languages. 

Developed  by  Qlusters,  which  offers  support  for 
openQRM  and  a  managed  service  called  open 
QRM  Enterprise. 


'Oil 

know: 


Distributor: 


MuleSource,  www.mulesource.com 


An  enterprise  service  bus  integration  platform  that  provides 
messaging  without  additional  “donkey  work,”  that  is,  manual, 
repetitive  coding. 


Provides  the  messaging  backbone  of  an  SOA. 

Eases  introduction  of  new  applications. 

Speeds  efforts  to  modernize  legacy  applications. 
Supports  more  than  30  transports  and  technologies, 
such  as  Enterprise  Java  Beans,  Java  Messaging 
Service,  Java  Business  Integration,  Web  services 
and  mainframe  applications. 


What  the 
experts  say: 


“The  tool  seems  to  strike  a  nice  balance  between  simpli¬ 
city  and  performance  —  a  target  that  many  application 
infrastructure  vendors  don’t  effectively  aim  for,  since  they 
are  so  intent  on  sophistication  and  options  over  simplicity 
and  raw  performance”  says  Jonathan  Eunice,  principal  IT 
advisor  at  Illuminata. 


Distributor: 


OSSEC  HIDS,  www.ossec.net 


Akin  to  security-information  and  event-management 
products,  this  host-based  intrusion-detection  system  is 
used  in  log  analysis,  integrity  checking  and  rootkit 
detection. 


•  Requires  basic  Java  and  XML  skills. 

•  Mule  2.0,  scheduled  for  release  in  the  second  quarter 
of  2007,  will  include  internal  clustering  capabilities, 
better  repository  support,  patch  management  and 
other  improvements. 

•  Partner  companies  wrapping  in  Mule  include  open 
source  document-management  company  Alfresco 
Software;  C24,  which  offers  objects  support  packs; 
Hyperic;JasperSoft;and  MySQL. 

•  Subscription-based  support  and  related  software  are 
available  directly  from  Mule  developers. 


'OU 

know: 


Monitors  file  and  directory  modifications. 
Provides  accountability  by  storing  authentication 
information. 

Triggers  user  alerts  on  failed  authentication  or  ques¬ 
tionable  user  additions. 


What  the 
experts  say: 


“We  were  able  to  get  a  lot  of  out-of-the-box  functionality 
says  David  Bianco,  cybersecurity  analyst  for  Thomas 
Jefferson  National  Accelerator  Facility  in  Newport  News, 
Va.“OSSEC  immediately  started  parsing  our  firewall  logs 
and  alerting  on  Internet  scans  and  probes.  It’s  also  helping 
track  failed  logins,  system  account  changes,  IDS  alerts  and 
a  few  other  things  —  all  with  very  little  work  on  our  part." 


Version  1.0  was  released  in  January 
Log  analysis  rules  are  in  XML  format. 

Processes  run  with  privilege  separation  in  chroot  jail 
Follows  syslog  RFC  3164  protocol. 

OSSEC  offers  commercial  support. 


Distributor: 


Qlusters,  www.qlusters.com 


now: 


Automatic,  policy-based  provisioning  software  for  physical 
and  virtual  servers. 


•  Assigns  users  and  applications  to  specific  servers  accord¬ 
ing  to  defined  policies. 


McAdams  is  a  freelance  writer  in  Vienna,  Va.  She  can  be  reached  at 
jmtechwriter@aol.  com. 
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Today,  Dan  configured  a  switch  in  London, 
rebooted  servers  in  Sydney,  and  watched  his 
team  score  the  winning  goal  in  St.  Louis. 
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With  Avocent  data  center  solutions,  the  world  can  finally  revolve  around  you.  Avocent  puts  secure 
access  and  control  right  at  your  finger  tips  -  from  multi-platform  servers  to  network  routers,  your  local  data 
center  to  branch  offices,  across  the  hall  or  around  the  globe.  Let  others  roll  crash  carts  to  troubleshoot 
-  with  Avocent,  trouble  is  on  ice. 


To  learn  more,  visit  us  at  www.avocent.com/ice  to  download  Data  Center  Control:  Guidelines  to  Achieve 
Centralized  Management  whitepaper  or  call  866.277.1924  for  a  demo  today. 
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How  to  avoid 


on  the  road  to  grid  computing 

A  UPS  IT  executive  shares  a  truckload  of 
lessons  learned  on  his  grid  journey 

BY  JULIE  BOPt 

UPS  has  always  been  driven  by  technology.  It  invests  close  to  $1  billion 
per  year  in  IT.  Recently  it  added  the  New  Data  Center  technology  of  grid 
computing  to  its  infrastructure,  says  Brian  Cucci,  manager  for  UPS’ 
Advanced  Technology  Group  in  Mahwah,  N.J.  Last  October,  Cucci’s  group 
completed  a  year-long  project  that  moved  a  mission-critical  COBOL 
billing  application  from  the  mainframe  to  a  Linux  grid  running 
DataSynapse  GridServer  (www.nwdocfinder.coml7522).  Here  Cucci  shares 
the  five  biggest  lessons  he  learned  from  that  and  other  grid  projects. 


Software  licenses,  not  technical  issues, 
could  bo  what  prevents  an  application 
from  running  on  your  grid, 

“If  you  are  going  to  target  an  applica¬ 
tion  to  run  on  a  grid, you  are  virtualizing 
that  application  to  run  anywhere.  But 
you  may  be  locked  contractually  to  run 
it  only  on,  say  two  dual-core  boxes,  and 

worn 


then  you  are  not  going  to  get  the 
power  of  that  grid,”  Cucci  says.  His 
team  analyzed  which  types  of  licenses 
were  grid  friends  and  which  were  foes, 
he  says. The  most  grid-friendly  is  enter¬ 
prise  licensing,  which  lets  software  run 
anywhere.  Concurrent-user  licenses  — 
or  any  form  of  license  based  on  how 


many  times  an  application  runs  some¬ 
where  —  also  are  friendly  Node-locking 
licensing  —  or  any  form  of  license  that 
dictates  the  type  of  machine  —  are  the 
worst.  CPU-based  licensing  can  work  but 
isn’t  great  because  contractually  limiting 
the  software  to  a  specified  number  of 
CPUs  undermines  the  power  of  the  grid. 
Getting  vendors  to  modify  their  licenses 
to  be  more  grid-friendly  can  be  tough. 
Vendors  are  often  fearful  that  multipro¬ 
cessing  computers  will  eat  their  rev¬ 
enues  —  and  rightly  so:  Grids  and  multi¬ 
core  machines  often  let  enterprises  do 
more  with  less  software. 

Expect  capacity  planning  to  be  more 
guesswork  and  gut  instinct  than  estab¬ 
lished  engineering. 

Because  UPS  chose  Linux,  an  afford¬ 
able  operating  system  already  well 
known  internally,  there  were  few  sur¬ 
prises  for  the  team  in  building  the  grid 
itself,  Cucci  says.  But  the  team  found  lit¬ 
tle  guidance  in  how  to  estimate  work¬ 
loads  so  it  could  determine  how  big  a 
grid  to  build.  Even  the  most  intense 
workloads  ran  lightning-fast  on  the 
grid.  A  process  that  took  270  minutes  to 
complete  on  the  mainframe  could  be 
completed  in  less  than  40  minutes  on 
a  two-server,  eight-CPU  grid,  he  says. 
Adding  servers  did  not  always  translate 
into  proportionately  faster  perfor¬ 
mance,  however.  For  instance,  tests 
showed  that  a  two-server,  eight-CPU 
grid  connected  to  a  storage-area  net¬ 
work  reduced  application-processing 
time  by  42%  compared  with  a  grid  that 
had  a  single  server  and  four  CPUs. 
Adding  a  third  server  made  the  grid 
only  marginally  faster,  however,  reduc¬ 
ing  application-processing  time  by 
53%.  A  four-server,  16-CPU  grid  reduced 
processing  time  by  56%  compared 
with  the  single-server  grid  but  ran  only 
3%  faster  than  the  three-server  grid.  As 
it  experimented  with  capacity,  UPS 
tended  to  overestimate  the  number  of 

See  Grid,  page  34 


Picked 

the  grid 

Low-hanging  fruit?  Fuhgeddaboudit. 
For  its  grid  foray,  UPS  chose  its  all- 
important  Flexible  Bill  Rendering 
application,  which  generates  invoices 
for  customers  in  the  United  States 
and  35  other  countries.  The  volume  is 
staggering  —  UPS  produces  4  million 
to  6  million  invoice  pages  weekly  for 
mailing  and  posting  online,  says  Brian 
Cucci,  manager  for  UPS’  Advanced 
Technology  Group  in  Mahwah,  N.J. 

As  a  mainframe  process,  the  U.S. 
portion  of  the  invoice-composition 
application  took  about  20  hours  per 
weekend.  The  grid  requires  a  fraction 
of  the  time  the  mainframe  needs  to 
do  this  work,  and  not  just  because 
the  Linux  boxes  are  faster.  In  a  test 
on  a  proof-of-concept  grid  built  in 
2005  (using  spare  CPU  cycles  on  the 
IT  staff’s  laptops),  an  analytics  appli¬ 
cation  took  45  minutes  to  complete 
what  was  taking  stand-alone  servers 
9.5  hours,  Cucci  says.  Encouraged  by 
that  finding,  UPS  built  separate  grids 
for  its  two  primary  data  centers. 

Built  with  DataSynapse’s  GridServer, 
each  grid  is  composed  of  four  two- 
way  commodity  servers  that  run  the 
grid  engines:  other  servers  manage 
the  grid,  he  says.  Each  grid  has  the 
primary  responsibility  of  running  dif¬ 
ferent  applications  —  they  now  host 
three  applications.  The  second  grid 
acts  as  business  continuity  backup 
for  the  bill-rendering  application. 

See  the  diagram  below  for  a  look  at 
how  the  invoice  process  works  on 
UPS’  Linux  grid. 

—  Julie  Bort 
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The  UPS  grid  at  work 
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A  mainframe  batch  job  copies  raw  billing  data  to 
storage  shared  between  the  mainframe  and  the  grid. 

B  A  mainframe  job  scheduler  activates  a  grid  client 
via  specialized  code  called  the  grid  client  gateway. 

B  The  gateway  submits  the  job  to  the  grid. 

□  Invoice-generation  software  on  the  grid 
uses  the  raw  billing  files  to  create  invoices, 
which  then  reside  on  the  shared  storage. 

B  Upon  completion,  the  gateway  returns  job 
codes  from  the  grid’s  output  to  the  job  sched¬ 
uler  for  use  in  the  rest  of  the  mainframe-based 
invoice  process. 

B  Subsequent  mainframe  jobs  access  the 
invoices  from  the  shared  storage. 


Linux  grid  using 
DataSynapse  GridServer 
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boxes  needed,  Cucci  says.  But 
there  was  an  upside:  Because 
the  grid  was  inexpensive  to 
buy  and  operate,  there  was  no 
large  financial  penalty  for 
overbuilding  it. 


Don’t  expect  help  with  utiliza¬ 
tion  planning. 

To  maximize  their  investment, 
IT  executives  are  going  to  want 
to  run  as  many  applications  on 
the  grid  as  it  can  handle.  Cucci 
says  his  team’s  goal  is  100%  uti¬ 
lization,  but  mature  workload- 


management  tools  are  not 
available  yet  to  help  plan  for 
such  usage.  “Chargeback  tools 
exist  in  DataSynapse,  but  are 
only  good  once  you  build  and 
deploy  he  says.  Discovering 
how  many  applications,  as  well 
as  which  application  combina¬ 


tions,  the  grid  can  handle  will 
be  a  matter  of  trial  and  error,  so 
be  sure  your  planning  phase 
includes  extra  time  for  this,  he 
says.  Grid  newbies  also  must 
remember  to  factor  business- 
continuity  capacity  into  the 
mix.  For  its  business  continuity 


needs,  UPS  built 
two  grids  — 
one  for  each  of 
its  primary  data  centers  —  to 
run  specific  applications  and  to 
handle  failover. 


Understand  that  small  techni¬ 
cal  differences  between  the 
grid  and  mainframe  can  cause 
the  biggest  trouble. 

Often  a  grid  is  built  to  run 
only  portions  of  a  mainframe 
application.The  goal  is  to  slice 
out  the  compute  intensive  part, 
run  it  on  the  grid,  then  deliver 
the  results  without  skipping  a 
beat.To  make  this  work,  the  grid 
has  to  produce  results  identical 
to  the  original  mainframe  code. 
This  will  probably  require  lots 
of  unexpected  reengineering. 
For  instance,  UPS’  billing  appli¬ 
cation  uses  a  timestamp  in  the 
file  name,  on  which  the  main¬ 
frame  relies  to  work  with  the 
data.  UPS  discovered,  however, 
that  Linux  uses  a  different  time- 
stamp  convention  from  the  one 
the  mainframe  uses  —  and  the 
grid  operates  faster.  As  a  result, 
the  grid  was  naming  multiple 
files  the  same  and  in  a  time- 
stamp  format  the  mainframe 
didn’t  recognize.  Before  going 
live,  Cucci’s  team  had  to  to  fix 
this  hidden  problem. 


Plan  on  gutting  your  systems 
management  processes. 

If  a  long-running  mainframe 
application  has  a  problem, 
the  IT  folks  have  a  reliable 
methodology  for  fixing  it. 
When  that  same  application 
—  or  just  a  part  of  it  —  moves 
to  a  new  platform,  IT  execu¬ 
tives  need  to  build  new  sys¬ 
tems  management  proce¬ 
dures  for  it. The  tools  used  to 
diagnose  problems  on  a 
Linux  grid  are  different  from 
those  used  to  troubleshoot 
mainframe  problems,  plus  the 
mainframe  experts  are  often 
not  the  Linux  experts.  New 
support  teams  will  likely  need 
to  be  created. The  most  effi¬ 
cient  project  timeline  consid¬ 
ers  the  support  process  from 
the  outset,  Cucci  says. 
Otherwise,  this  requirement 
will  be  discovered  at  some 
point  —  and  it’s  best  that  it 
not  be  discovered  after  the 
production  rollout  is  com¬ 
plete  and  a  broken  applica¬ 
tion  is  waiting  to  be  fixed. 
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Start  with  a  process  that  previously 
has  been  opened. 

Knowing  what  SOA  project  to  start 
with  could  be  a  matter  of  finding  a 
receptive  audience,  says  Joseph  Gaus, 
enterprise  architect  at  Dow  Corning 
in  Midland,  Mich.  “Early  on,  target 
systems  that  people  are  used  to  hav¬ 
ing  applications  built  around,”  he 
says.  For  example,  SAP  is  the  master 
system  for  many  of  Dow  Coming’s 
most  critical  business  processes, 
including  its  order-to-cash  process.  In 
the  past,  the  specialty  chemical  com¬ 
pany  has  let  other  systems  tap  into 
that  process  —  for  example,  a  Web- 
basafl&pplication  that  lets  customers 
placex>rders  online.  “We’re  used  to 
opening  up  that  process,  and  the  peo¬ 
ple  who  support  that  process  are  a  lit¬ 
tle  bit  more  comfortable  having  other 
applications  built  around  it,”  Gaus 
says.  Plus,  the  process  is  entwined 
with  multiple  applications  so  there’s 
an  opportunity  for  reuse,  he  says. 

“You  can  demonstrate  SOA’s  value 
more  easily  with  such  a  process." 

Don't  take  interoperability  for  granted. 

When  Washington  Group 
International  began  its  SOA  implemen¬ 
tation  three  years  ago,  standards  and 
tools  weren’t  as  mature  as  they  are 
today.  A  key  challenge  was  building 
Web  services  that  could  be  consumed 
by  both  Java  and  Microsoft  .Net 
clients,  says  Rich  Colton,  application 
integration  manager  at  the  Boise, 
Idaho-based  engineering  and  con¬ 
struction  company.  World  Wide  Web 
Cons<®jkim  (W3C)  standards  could  be 


BY  Aftft  BEDftARZ 


implemented  in  different  ways  in  Java 
2  Platform  Enterprise  Edition  than 
they  could  in  .Net,  Colton  found.  For 
example,  the  two  environments  han¬ 
dle  the  standards  for  a  Remote  Pro¬ 
cedure  Call  differently,  and  each  sup¬ 
ports  different  message  payloads,  or 
content.  “We  discovered  early  on  that 
interoperability  is  a  nice  word,  but  the 
actual  implementation  left  something 
to  be  desired,”  he  says.  “You  can’t 
always  do  what  the  W3C  standards 
say  you  can  do,  because  not  every¬ 
body  has  implemented  all  the  pieces.’’. 
Over  the  last  few  years,  interoperabil¬ 
ity  has  improved  a  lot,  but  it’s  not 
automatic.  Testing  is  critical  for  pro¬ 
grammers,  he  says. 


Don’t  open  your  wallet  too  quickly. 

When  IT  embarks  on  an  SOA  proj¬ 
ect,  the  first  thing  it  often  wants  to 
do  is  buy  new  technology.  But 
before  committing  to  a  technology 
platform,  IT  needs  to  identify  all 
information  sources  and 
make  sure  it  documents 
how  each  system  defines 
data,  says  Dave 
Linthicum,  CEO  of  SOA 
advisory  firm 
Linthicum  Group. 

Without  due  diligence, 
a  company  might  select 
a  governance  tool  that, 
while  impressive,  may 
not  jibe  with  the  final 
technology  layout,  service 
management  requirements  and 
security  strategy.  “Everything  is 
See  SOA,  page  3 


[Documenting  service  attributes]  has 
wound  up  being  a  lot  more  complex 
than  I  ever  imagined. 


The  benefits  of  the  service-oriented  architecture  are  widely  touted: 
reduced  integration  costs,  greater  asset  reuse,  and  the  ability  for  IT  t 
respond  more  quickly  to  changing  business  and  regulatory  require¬ 
ments.  But  what  about  the  pitfalls? 

SOA  pioneers  know  all  too  well  the  challenges  that  can  arise  w 
company  service-enables  critical  applications.  The  SOA  endeavo 
IT  disciplines:  It’s  part  systems  design  and  architecture  overhau 
application  development  and  business  makeover.  Here,  early  adopters 
and  other  experts  give  their  best  advice  about  avoiding  the  obstacles 
when  building  this  New  Data  Center  essential,  the  SOA. 
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interrelated.  You  need  to 
understand  the  data,  the  ser¬ 
vices  that  interoperate  with  the 
data,  new  services  you  need, 
and  then  the  processes  to 
which  they’re  bound” he  says. 

Think  governance. 

Building  a  new  framework 
fot  an  entire  corporate  infra¬ 
structure  is  no  easy  task. Trial 
and  error  is  part  of  the  deal, 
says  Bryan  Grant,  lead  applica¬ 
tion  integration  developer  at 
DaVita  in  El  Segundo,  Calif. 
DaVita  provides  kidney- 
dialysis  services  via  a  network 
of  about  1,255  outpatient  cen¬ 
ters,  each  of  which  generates 
data  that  is  collected  in  a  cen¬ 
tral  location  and  made  avail¬ 
able  to  multiple  applications, 
he  says.  It  has  been  tough  to 
change  from  point-to-point 
connections  to  a  more  open 
platform  that  lets  distributed 
IT  teams  reuse  applications, 
deliver  new  services,  and  link 
legacy  and  packaged  applica- 
tions.“You  can  never  expect  it 
to  work  the  first  time  out,”  he 
says.  DaVita  is  concentrating 
on  improving  governance  — 
knowing  what  systems  are 
connecting,  and  ensuring  ser¬ 
vices  put  into  production 
belong  in  production  —  and 
ultimately  will  buy  software  to 
help  do  that.“We  were  not 
good  at  governance  in  the 
past,”  Grant  says. 

A  little  incentive  never  hurts. 

Over  the  past  few  years,  the 
development  teams  at  Dow 
Corning  have  done  a  good 
job  of  abstracting  application 
elements,  building  up  compo¬ 
nent  libraries  and  reusing 
code,  Gaus  says.  But  it’s  gener¬ 
ally  easier  and  less  expensive 
to  build  a  new  application 
using  tried-and-true  methods 
than  to  take  an  SOA  ap¬ 
proach. “To  really  consider 
what  enterprise  data  is 
required  for  an  application 
and  what  business  processes 
are  required,  to  build  services 
around  that  data  and  those 
processes,  then  build  an 
application  on  top  of  it,  is 
going  to  be  more  expensive 
upfront  than  running  off  and 
building  an  application,”  Gaus 


says.  To  combat  the 
temptation  to  do 
things  the  old  way,  he  says,  the 
company  is  considering  a 
proposal  to  require  staff  to 
spend  a  percentage  — 
around  5%  —  of  their  project 
budgets  on  SOA. 


Budget  realistically,  or  buy-in 
will  suffer. 

“People  are  hungry  for  infor¬ 
mation  about  how  to  budget 
for  this  stuff.  The  reality  is, 
people  don’t  understand  the 
complexity  of  it,  so  they 
underestimate  [cost],” says 


Linthicum,  who  has  devised 
guidelines  for  pricing  SOA 
projects  based  on  variables 
that  include  the  number  of 
data  elements,  the  complexity 
of  systems  and  processes,  and 
new  services  needed. 
Typically,  the  time  and  labor 


associated  with  building  an 
SOA  —  not  the  cost  of  pur¬ 
chasing  technology  —  can 
surprise  the  uninitiated. 
Enterprises  usually  need  help 
from  consultants,  and  they 
need  participation  from  inter¬ 
nal  staff  skilled  in  architec- 


Turn  back  network  time. 


Stop  missing  critical  events. 
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ture,  security,  data  manage¬ 
ment,  networks  and  applica¬ 
tion  development.  As  for  tim¬ 
ing,  Linthicum’s  rule  of 
thumb  is  to  allow  about  three 
or  four  months  for  each  sys¬ 
tem  an  SOA  project  envelops; 
with  normal  complexity,  a  six- 


system  project  will  take  a 
couple  of  years  from  incep¬ 
tion  through  funding,  deploy¬ 
ment  and  completion,  he 
says.  Adequate  planning  for 
time  and  labor  is  critical  if 
you  want  to  keep  the  busi¬ 
ness  on  your  side. “The  min¬ 


ute  you  underestimate  that, 
people  are  going  to  lose  faith 
in  the  project,  because  you’re 
going  to  deliver  stuff  way 
over  budget,”  he  says. 

Don’t  skimp  on  documentation. 

You  must  have  clearly  docu¬ 


mented  policies  and  proce¬ 
dures  for  every  aspect  of  the 
SOA  development  life  cycle, 
says  DaVitas  Grant.  Devoting 
the  traditional  75%  of  effort  to 
planning  and  documentation, 
and  25%  to  development 
makes  things  a  lot  more  man¬ 


ageable,  even 
though  “every¬ 
body  likes  the  25%  and 
nobody  likes  the  75%,”he  says. 

Registries  aren't  a  cure-all. 

Documenting  service  attri¬ 
butes  is  a  tricky  part  of  an 
SOA, says  Washington  Groups 
Colton. “It  has  wound  up 
being  a  lot  more  complex 
than  1  ever  imagined,”  he 
says.  One  of  Colton’s  ongoing 
projects  is  to  find  a  way  to 
keep  track  of  the  technical 
details  associated  with  ser¬ 
vices,  such  as  translation 
requirements  and  service 
dependencies,  and  functional 
considerations,  such  as  what 
processes  are  involved.  Some 
commercial  registries  don’t 
do  justice  to  both  types  of 
information,  and  Colton  does¬ 
n’t  want  to  rush  into  a  prema¬ 
ture  technology  purchase: 

“We  developed  a  spread¬ 
sheet,  for  now,  to  understand 
all  the  pieces  of  information 
we  need  to  track.  Once  we  do 
that,  we’ll  either  build  one 
internally  or  look  at  the  com¬ 
mercial  solutions  to  see  if 
they  address  our  needs.” 

Don’t  forget  the  network. 

SOA  is  going  to  add  to  the 
load  on  the  network  —  it’s 
that  simple.  Proper  network 
design  calls  for  modeling 
performance,  which  many 
enterprises  fail  to  do  ade¬ 
quately,  Linthicum  says.“You 
can  model  performance  by 
looking  at  the  behavior  of  a 
set  of  services.  Now  extend 
that  10,000  times.  How  many 
packets  are  going  to  be  dis¬ 
patched?  How  many  packets 
are  going  to  be  received?  The 
kind  of  bandwidth  you  have 
—  is  this  going  to  bring  your 
network  to  its  knees?  Some¬ 
times  it  does,”  he  warns. 
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Move  up  to  Belden’s 
NEW  blanket-coverage 
wireless  technology, 
offering  seamless  mobility 
and  freedom  from 
RF  complexities. 


To  be  effective  in  today’s  business  climate, 
people  have  to  be  connected,  not  only  when 
they  are  at  their  desks  but,  more  importantly, 
when  they  are  on  the  move.  Information 
access  can  no  longer  be  limited  to  a  single 
time  or  place. 

Introducing  the  Beiden  Wireless  Solution! 
Overcoming  the  deployment,  performance  and 
management  limitations  of  cell-based  wireless 
LAN  technology,  Belden’s  solution  eliminates 
RF-related  complexities  by  utilizing  channel- 
blanket  topology,  in  which  every  radio  channel 
is  present  at  every  access  point  -  creating 
blankets  of  continuous  wireless  coverage. 

The  result?  No  roaming  latency  or  co-channel 
interference.  Just  seamless  mobility. 

The  Beiden  Wireless  Solution  provides  for 
the  coexistence  of  all  types  of  users,  devices 
and  traffic  -  enabling  data,  video  and  voice 
(VoWLAN)  applications  in  wide-reaching 
WLAN  deployments. 


The  Beiden  Wireless  Solution  delivers  the 
upward  mobility  of  a  WLAN  while  maintaining 
the  simplicity  of  a  conventional  hard-wired  LAN. 

For  more  information,  call  Beiden 

at  1.800.BELDEN.1 
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Mind  your  techie  talk. 

SOA  is  a  business  endeavor, 
and  it  should  be  communi¬ 
cated  that  way. “Trying  to  get 
the  IT  language  put  of  what 
we  talk  about,  and  get  into 
the  business  language,  is  an 
ongoing  issue, ’’Washington 
Group’s  Colton  says. “Nobody 
cares  about  how  1  do  it,”  he 
says. “What  they  care  about  is 
what  business  processes  I 
can  address." 


Data  center  archi 
H.E.  Butt  Grocer; 


This  New  Data  Center  role  could  put  you 
on  the  path  to  the  executive  suite 


BY  SAMDfJA  GITTLEN 

Are  you  a  go-getter  who  has  experience  managing  servers,  storage, 
security  and  facilities,  and  wants  to  get  into  the  next  big  thing?  If  so,  you 
just  might  be  the  perfect  person  for  a  role  that  is  growing  exponentially 
in  importance:  data  center  architect. 
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Many  companies'  data  center 
responsibilities  are  broken  out  piece* 
meal,  but  experts  say  that  compa¬ 
nies  embracing  New  Data  Center 
technologies,  such  as  blade  servers, 
grid  computing  and  virtualization, 
will  succeed  by  consolidating  the 
management  of  all  critical  functions 
into  a  single  role.  Using  these 
advanced  technok  >gies  begs  for 
someone  capable  of  bringing  an  inte¬ 
grated.  holistic  approach  to  data 
center  architecture  and  design,  says 
Johna  Till  Johnson.  Network  World 
columnist  and  co-founder  of 
Nemertes  Research. 

For  a  data  center  to  be  secure,  its 
architect  must  factor  in  facilities 
design  and  architecture.  Johnson 
says.  Likewise,  to  create  a  sturdy 
server  and  storage  architecture,  the 
architect  must  plan  for  manageabil¬ 
ity  and  operations.  By  placing  all 
such  responsibilities  under  the 
purview  of  a  single  person,  the 
company  gains  strength  in  long- 
range  planning  and  short-range  exe¬ 
cution,  On  the  other  hand.  Johnson 
says  in  her  "New  Data  Center 
Strategies"  newsletter,  companies 
who  don't  risk  failure  (see 
www.nwdocfinder.com/7521). 

Len  Eckhaus.  founder  of  AFCOM,  a 
data  center  management  group  with 
3.000  member  organizations,  agrees. 
"Years  ago.  a  data  center  architect 
simply  ran  jobs  and  processed  pay¬ 
roll.  It  was  an  entry-level  position. 
Today  there  is  so  much  complex 
equipment  with  specific  security. 


space,  power  and  cooling  require¬ 
ments  that  you  need  someone  who 
can  manage  not  only  the  equipment 
but  the  whole  data  center  environ¬ 
ment,”  he  says. 


Where  it’s  at 

IT  professionals  who  are  well- 
versed  in  server,  storage  and  secu¬ 
rity  technologies  can  advance  their 
careers  by  adding  heating  and  cool¬ 
ing,  power  and  other  facilities  man¬ 
agement  expertise  to  their  resume, 
Eckhaus  says.  Those  who  do  may 
even  find  themselves  within  spitting 
distance  of  such  executive-level  posi¬ 
tions  as  CIO  and  CTO.  he  says. 

“The  data  center  is  where  it's  at 
today,  There's  a  huge  awareness 
among  corporate  executives  of  the 
critical  nature  of  the  data  center, 
therefore  the  data  center  architect  is 
now  in  line  for  IT's  top  spot,” 

Eckhaus  says. 

This  rise  in 
importance  comes 
from  the  momen¬ 
tum  within  the 
data  center  indus¬ 
try.  Eckhaus  says. 

More  than  70%  of 
AFCOM  members 
say  they  are  mov¬ 
ing  their  data  cen¬ 
ters,  building  new 
ones  or  expanding 
their  facilities  within  the  next  five  to 
10  years,  he  says. 

In  addition,  such  New  Data  Center 
technologies  as  Power  over  Ethernet, 
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The  data  center  architect  is  going  to 
make  decisions  that  aren)  very  popular 


such  as  insisting  temperatures  remain  low 


despite  high  cooling  costs  . 


■  ■■■<.  '  . 

;v  '  DaV 


Coo 


career  opportunity: 


r 


blade  servers,  grid  computing 
and  virtualization  have  had  a 
tremendous  impact  on  data 
center  capacity  planning, 
Eckhaus  says. 

David  May,  asset  and  data 
center  manager  at  H.E.  Butt 
Grocery  Co.  in  San  Antonio, 
Texas,  deals  with  these  issues 
firsthand.  As  data  center 
architect  for  the  $1 1  billion 
company,  which  has  60,000 
employees  and  300  stores  in 
Texas  and  Mexico,  he  over¬ 
sees  not  only  the  servers,  stor¬ 
age  and  network  but  also  the 
security,  power  and  cooling 
for  the  data  center. 

This  holistic  view  is  necessary 
because  of  the  critical  nature 
of  the  data  center:  “It  can’t  be 
treated  like  any  other  building 
because  it’s  not,”  May  says. 

Ins  and  outs 

May  learned  the  ins  and 
outs  of  power  and  cooling  so 


he  could  lead  the  decision 
making  for  the  company’s 
data  center,  as  well  as  its 
expansion. “Blade  servers 
have  a  lot  of  benefits,  but 
they  are  energy  hogs.  We  are 
just  now  finishing  a  three- 
year  electrical  upgrade  to  put 
a  megawatt  of  redundant 
power  on  the  floor,”  he  says. 

IT  professionals  must  lead 
the  charge  because  they  un¬ 
derstand  the  ramifications  of 
environmental  changes  for 
equipment.  And  a  data  center 
architect  should  report  to  the 
CIO  or  CTO,  May  says.“The  data 
center  architect  is  going  to 
make  decisions  that  aren’t  very 
popular,”  he  says.  For  instance, 
a  data  center  architect  will 
go  to  battle  over  temperature 
costs.  Facilities  says  if  we 
crank  up  the  temperature  five 
degrees,  we  can  save  money, 
but  that  puts  the  equipment 
in  jeopardy”  May  says. 


The  data  center  also  has  to 
be  engineered  with  redundan¬ 
cies  that  can  be  costly  but  are 
critical  for  disaster  recovery 
and  business  continuity  May 
adds.  For  instance,  he  has 
placed  the  data  center  on  a 
separate,  backup  generator  in 
case  of  a  power  outage  on  the 
main  campus. 

Increasingly,  companies  are 
anointing  a  data  center  archi¬ 
tect  to  justify  the  costs  in  hot- 
button  budget  issues,  such  as 
space  allocation,  says  Andreas 
Antonopoulos,  senior  partner 
at  Nemertes.“There  might  be  a 
situation  where  the  data  center 
appears  to  be  only  half-full,  but 
the  empty  space  is  misleading 
because  of  the  power  and 
cooling  requirements  of  tech¬ 
nologies  such  as  blade  serv¬ 
ers,”  Antonopoulos  says. 

“We’ve  gone  from  using  1.5  to 
3  kilowatts  of  power  to  where 
15-kwh  racks  are  not  uncom¬ 


mon.  Many  data  centers  can’t 
support  that  and  need  to  be 
upgraded,”  Antonopoulos  says. 

Becoming  a  facilities  expert 
on  top  of  keeping  pace  with  the 
latest  IT  technologies  isn’t  easy 
H.E.  Butts’  May  recommends 
digging  deeper  into  such  un¬ 
known  territory  as  electricity 
and  HVAC  by  taking  courses 
at  local  technical  schools,  sub¬ 
scribing  to  industry  journals 
and  researching  vendor  Web 


sites.“Eventually, 
all  data  centers 
will  be  completely  isolated 
from  other  parts  of  the  cam¬ 
pus.  All  of  their  considerations 
—  electrical,  cooling,  water  — 
will  be  separate,”  he  says. 

“We’re  not  there  yet,  but  you 
need  to  be  ready’ 

Gittlen  is  a  freelance  writer  in 
Northborough,  Mass.  She  can  be 
reached  at  sgittlen@charter.net. 


nww.com 

Need  new  ideas  for  the  New  Data  Center?  Learn  more  at  IT 
Roadmap:  Boston  |  March  6, 2007 

Clustered  servers.  Grid  computing.  Virtualized  storage.  Perimeterless,  holistic 
security.  Service-oriented  management  platforms.  It's  the  landscape  of  the  new 
data  center.  Explore  it  all.  Join  us  at  IT  Roadmap:  Boston  FREE.  Qualify  at: 

http://www.networkworld.com/6845 


THE#% 

Salix 


GROUP 


COMPUTER  SECURITY  and  RECORDS  PRIVACY 

including 

SABOTAGE  -  VANDALISM  -  FIRE  &  THEFT 


Store  tapes,  D.L.T.'s,  Tk50/70  cartridges,  CD-ROM's 
and  any  other  type  of  data  media  -  in  a  data  safe. 


Store  paper  documents  and  computer  media  in 
the  mixed  media  safes  and  files. 

_  Units  protect  valuable  records  from  fire,  water, 
®  smoke,  humidity,  sunlight,  theft  and  sabotage. 


~  All  units  are  covered  by  a  lifetime  Replacement  of  Product 
w  Guarantee  and  a  $100,000.  Replacement  of  Contents  Guarantee. 


Units  are  available  in  various  sizes  based  upon 
***  your  requirements. 


$  leasing  from  $49  per  month  OR  ADD  TO  YOU  EXISTING  HARDWARE  LEASES!!! 


THE  SALIX  GROUP  #  1-800-668-9319  •  www.salixgroup.com 


Production  Tracking  Over  Ethernet 

Eliminate  your  shop-floor 
PCs  with ... 

Ethernet  Terminals  from 
ComputerWise  connected  to 
your  in-house  LAN. 

Capture  production  data 
directly  into  files  on  your 
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Smaller  hard  drives  yielding 
big  benefits  in  the  data  center 


BY  LINDA  MUSTHALER 

Two  trends  in  hard  disk  technology  are  coming  together 
to  create  a  compelling  set  of  benefits  for  buyers  of  servers 
and  storage  devices.  Drives  are  getting  smaller,  faster  and 
less  expensive,  and  you  get  to  reap  the  benefits. 

The  first  trend  is  the  server  and  storage  manufacturers’ 
move  to  Serial  Attached  SCSI  (SAS)  devices.  Available 
since  about  mid-2005,  SAS  is  quickly  replacing  the  older 
technology  of  parallel  SCSI  drives.The  main  benefit  of  the 
SAS  technology  is  speed;  data  can  move  in  and  out  of  the 
drives  more  quickly  in  the  serial  configuration. 

The  second  trend  in  drive  technology  is  enabled  by  SAS. 
Because  the  physical  connector  of  a  SAS  drive  is  about  a 
quarter  the  size  of  the  connector  of  a  traditional  SCSI  drive, 
SAS  drives  have  taken  a  small  form  factor  (SFF).  Drives 
have  shrunk  from  3.5  inches  in  size  to  2.5  inches. 

The  SFF  SAS  drives  address  two  major  concerns  of  the 
data  center  manager:  performance  and  power  efficiency 
Because  the  2.5-inch  drives  are  70%  smaller  than  the  3.5- 
inch  drives,  the  distance  needed  to  span  the  disks  to  read 
and  write  data  is  shorter,  vastly  improving  performance  and 
reliability.  SFF  SAS  drives  deliver,  on  average,  130%  to  150% 
greater  system  performance  in  the  same  footprint.  They 
also  are  less  likely  to  fail. 

These  SFF  drives  also  need  40%  less  power,  meaning  they 
run  cooler  than  previous  generations  of  drives.  And  be¬ 
cause  the  drives  are  smaller,  there  is  more  room  inside  the 
server  cabinet  to  allow  for  better  air  circulation. The  small 
size  also  means  that  more  drives  can  fit  into  a  cabinet, 
yielding  more  capacity  to  store  your  data. 

The  main  manufacturers  of  the  SFF  SAS  drives  are  Sea¬ 
gate  Technologies  and  Fujitsu  Computer  Products.  Both 


BY  PHIL  HOCHMUTH 

Investors  showered  over  $21  million  collectively  on  two 
open  source  start-ups  last  week:  Fonalityan  Asterisk  IP  PBX 
vendor,  and  Groundwork  Open  Source,  a  network  man¬ 
agement  firm. Venture  capitalists  are  betting  these  compa¬ 
nies  will  challenge  larger  vendors  such  as  Avaya  or  Nortel 
in  telephony,  or  HP  or  IBM  in  network  management,  with 
lower-cost,  open  source-based  products. 

Groundwork  Open  Source,  which  received  $12.5  million 
from  investors  JAFCO  and  SAP  Venture,  makes  the  Ground- 
Work  Monitor,  which  allows  IT  administrators  to  view  per¬ 
formance  and  operations  data  on  multiple  servers  and 
applications  across  a  network.The  prod¬ 
uct  ties  together  several  open  source 
tools,  including  the  Nagios  network 
management  tool,  with  Apache,  PHP 
and  a  MySQL  database  to  provide  a 
complete  monitoring  system,  the  com¬ 
pany  says. 

The  software  itself  runs  on  Red  Hat 
Linux  and  SUSE  enterprise  servers  or 
workstations,  as  well  as  CentOS.  Ground- 
Work  offers  the  source  code  and  soft- 


companies  report  phenomenal  sales  of  the  SFF  SAS  drives. 
Seagate,  for  instance,  has  sold  about  2  million  drives  in  the 
past  nine  months.Fujitsu, too, reports  that  sales  of  the  drives 
are  ramping  up  steeply 

This  is  good  news  for  the  customer.  Unless  your  company 
puts  together  its  own  servers  or  storage  units,  you  are  likely 
buying  from  manufacturers  such  as  HRIBM.Sun  and  Dell. 
These  companies  have  jumped  on  the  SFF  SAS  bandwag¬ 
on  in  a  big  way  especially  for  blade  servers.  Because  these 
manufacturers  are  purchasing  huge  volumes  of  the  drives, 
the  price  per  unit  is  dropping  sharply 

The  economies  of  scale  have  allowed  Seagate  to  cut  the 
price  of  one  SFF  SAS  drive  in  half  in  just  a  year.  As  the  cost 
of  components  drop,  the  price  of  a  complete  system  drops 
as  well. 

The  result  is  you  can  purchase  a  system  that  is  more  reli¬ 
able,  has  better  performance,  and  costs  less  to  operate 
than  previous  generations  of  servers  and  storage  devices. 
This  comes  when  more  companies  are  looking  to  con¬ 
solidate  servers  and  move  to  denser  server  and  storage 
platforms. 

If  you’re  interested  in  learning  more  about  the  technical 
aspects  of  SAS  and  specifically  SFF  SAS,  read  a  story  by 
Richard  Scruggs,  product  marketing  manager  for  HP’s 
Industry  Standard  Server  Division  (www.nwdocfinder. 
com/7424)  .  Also,  Fujitsu  offers  a  few  white  papers  about 
the  technology,  and  Seagate  provides  information  about  its 
Sawio  line  of  SFF  SAS  drives. 

Musthaler  is  a  principal  analyst  at  Essential  Solutions,  a 
Houston  technology  assessment  firm.  She  can  be  reached  at 
lmusthaler@essential-iws. 


ware  on  which  its  product  is  based,  as  well  as  professional 
subscription-based  services  for  companies  using  the  code 
in  production. 

Meanwhile,  Fonality  which  makes  an  open  source-based 
VoIP  system  for  small  businesses,  received  a  $7  million  in¬ 
vestment  from  Azure  Capital  Partners,  which  previously 
invested  in  the  company.  Like  Groundwork  Open  Source, 
Fonality  takes  a  popular  open  source  platform  —  in  this 
case,  the  Asterisk  IP  telephony  system  —  and  packages  it 
into  a  product,  including  management  tools  and  support 
offerings.  Fonality's  PBXtra  is  a  small-office  phone  system. 
It  also  sells  a  hosted  VoIP  service  which  uses  the  PBXtra 
device  as  a  customer  premise  box  to 
terminate  calls. 

We  may  be  almost  a  decade  past  the 
time  when  venture  capitalists  threw 
money  at  firms  such  as  VA  Linux  and 
Red  Hat,  in  the  hopes  of  a  lucrative  IPO 
payday.  But  clearly  investors  still 
believe  there  is  value  in  companies  that 
repackage  freely  available  software 
with  support  and  services  offerings  for 
businesses.® 
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WORDS 

Vendor  Solutions  for  Your  IT  Challenges 

COMPANY:  RealOps,  Inc. 

OVERVIEW:  RealOps  is  the  pioneer  and  leader  in 
delivering  Run  Book  and  IT  Process  Automation  solutions. 
RealOps  solutions  bridge  people,  processes,  and  technol¬ 
ogy  within  IT  operations  -  enabling  customers  to  speed 
the  execution  of  critical  IT  service  functions,  minimize 
business  service  downtime  and  reduce  operational  costs. 

CHALLENGE:  RealOps  understands  that  companies 
today  rely  on  their  IT  organizations  to  provide  the  founda¬ 
tion  for  growth  and  profitability.  To  meet  this  challenge, 

IT  is  continually  looking  for  ways  to  deliver  services  more 
efficiently  and  cost-effectively.  Automating  Problem, 
Change  and  Service  Management  processes,  based  on 
ITIL  and  other  best-practices,  improves  overall  IT  efficiency 
and  helps  drive  business  value. 

SOLUTION:  RealOps  AutoPilot™  products  provide 
out-of-the-box  automation,  enabling  service  delivery 
organizations  to  provide  higher  quality  of  service  at 
reduced  costs  to  end-users.  Built  on  the  industry  leading 
RealOps  Automation  Management  Platform  (AMP™), 
AutoPilot  products  for  Problem,  Change  and  Service 
Management  offer  sophisticated  condition-based  auto¬ 
mation  for  the  repetitive,  manual  tasks  that  Operations, 

IT  and  Customer  Support  personnel  perform  every  day 
and  enable  companies  to  move  closer  to  a  self-managing 
computing  and  network  infrastructure. 

AutoPilot  products  provide  comprehensive,  pre-designed 
best-practice  process  designs,  key  performance  indica¬ 
tors  and  canned  reports  that  can  be  quickly  implement¬ 
ed  to  deliver  rapid  time  to  value. The  RealOps  AutoPilot 
product  suite  helps  organizations  reduce  fire  fighting, 
eliminate  human  error,  solve  problems  faster  and  enforce 
process  compliance. 

For  instance,  AutoPilot  for  Network  Problem  Manage¬ 
ment  provides  the  capabilities  you  need  to  ensure 
successful  management  of  the  incident  and  problem 
lifecycle  across  your  next-generation  network  infrastruc¬ 
ture.  Using  pre-defined,  ITIL-based  processes,  AutoPilot 
is  easily  integrated  with  your  existing  infrastructure  to 
automate  network  problem  diagnosis,  triage  and  reme¬ 
diation  activities. 

For  more  information  on  RealOps' IT  Process  Automation 
solutions  please  visit  our  website  or  give  us  a  call. 


Transforming  IT  Through  Automation 

877.6.REALOPS  (877.673.2567) 
www.realops.com 


E-MAIL  NEWSLETTER  SHOWCASE:  Linux 

VGs  bet  big  on  open  source  companies 


nww.com 

In  your  in-box 

Sign  up  for  this  or  any  of  Network 
World's  many  other  e-mail  newsletters. 

www.  Hwdocf nder.  com/1 00  2 
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Dual-core 
Do  more. 


DUE  TQDBY  |l  /ifum/nuiil/Hinminiiil 

"3GB  SCSI  Xft  DISK  TO  CLIENTS  RAID  5  CONFIG 

-*  UPGRADE  CRYPTO  LIBRARIES  ON  SERVERS  C-f 
WITHIN  THE  WWW  LOAD  8ALANCIN6  CLUSTER 

-»  FOLLOW  UP  WITH  TOM  IE-  DB  CONTROL  PANEL  ERROR 

CALL  BOB  RE:  MAIL  SERVER  may  NEED  AN  OPWLAOE  T 

*  PERFORM  SECURITY  AUDIT  ON  SERVERS  X.Y2- 
DEUIIER  FULL  REPORT  8Y  8Pf1 

**  NETWORK  ARCH.  DIAGRAM  POPl  CtHJX  fRMJTY 

BUILD  NEW  BOX  W/  IIS  +  M8S0L  +  WIOOWS  MEDIA  SERVER 
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YOU'VE  ALWAYS  BEEN 
COOL  UNDER  PRESSURE. 
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The  HP  BladeSystem  c-Class  with  Thermal  Logic  Technology. 

Thanks  to  our  intuitive  Thermal  Logic  Technology,  now  you  can  assess 
your  power  usage  and  system  temperature  so  you  can  respond  quickly 
to  changing  needs.  The  graphical  thermal  dashboard  provides  you 
with  an  instant  snapshot  of  the  power  consumption,  heat  output  and 
cooling  capacity  of  your  environment  —  all  on  one  screen.  With  the  HP 
BladeSystem,  you'll  have  the  ability  to  lower  power  usage  and  heat 
without  sacrificing  performance. 

Simply  plug  in  the  HP  ProLiant  BL460c  server  blade,  featuring 
Dual-Core  Intel  Xeon  Processors,  and  you'll  get  the  performance  and 
versatility  you  need  to  support  32-  and  64-bit  computing  environments. 
Using  the  HP  BladeSystem  for  your  business  will  keep  the  control  exactly 
where  it  should  be  —  in  your  hands. 

Experience  the  HP  BladeSystem  and  download  the  IDC  White 
‘——I  Paper  "Enabling  Technologies  for  Power  &  Cooling." 


Click  www.YouAlwaysHadlt.com/cool4 

Call  1-866-625-4087 
Visit  your  local  reseller 


Dual-Core  is  a  new  technology  designed  to  improve  performance  of  multithreaded  software  products  and  hardware-aware  multitasking  operating  systems  and  may  require  appropriate  operating  system  software  for  full  benefit;  check 
with  software  provider  to  determine  suitability;  not  all  customers  or  software  applications  will  necessarily  benefit  from  use  of  this  technology.  Requires  a  separately  purchased  64-bit  operating  system  and  64-bit  software  products  to  take 
advantage  of  the  64-bit  processing  capabilities  of  the  Dual-Core  Intel  Xeon  Processor.  Given  the  wide  range  of  software  applications  available,  performance  of  a  system  including  a  64-bit  operating  system  will  vary.  Intel's  numbering  is  not 
a  measurement  of  higher  performance.  Intel,  the  Intel  Logo,  Xeon  and  Xeon  Inside  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  The  information  contained  herein 
is  subject  to  change  without  notice.  ©2006  Hewlett-Packard  Development  Company,  L.P, 


Have  you  changed  your  approach 
because  autonomic  computing  tech¬ 
nologies  aren't  as  widely  used  as  you 
thought  they  would  be  by  now? 

We  knew  from  the  beginning  that  solv¬ 
ing  the  problem  of  complexity  went 
beyond  IBM’s  scope.  But  in  working  with 
large  enterprises,  we’ve  learned  how 
much  collaboration  is  needed  on  the 
standards  and  technologies  that  will 
bring  about  this  sea  change.  And  so 
we’ve  built  what  I  call  the  autonomic 
ecosystem. This  is  about  getting  partici¬ 
pation,  not  just  from  other  software  ven¬ 
dors  but  from  systems  integrators,  as  well 
as  working  with  channel  partners  and 
resellers.  Part  of  the  ecosystem  also  heav¬ 
ily  involves  research,  and  now  we  are 
working  with  other  research  organiza¬ 
tions,  corporations  and  universities.  If 
you’re  really  going  to  address  the  full  set 


example  is  the  eFuse  technology  in  the 
Power5  chips.  It  can  change  circuit 
design  based  on  environmental  attri¬ 
butes,  such  as  voltage  or  temperature. 
This  means  performance  problems  can 
be  handled  right  in  the  hardware  with¬ 
out  human  intervention. 

The  more-complex  cool  examples 
come  at  the  top  of  the  stack,  leverag¬ 
ing  the  autonomic  capabilities  of 
numerous  products.  We  focus  on  work¬ 
load  management,  provisioning  and  IT 
optimization,  building  these  capabili¬ 
ties  into  products,  such  as  the  latest 
WebSphere,  the  DB2  Viper  release,  and 
Tivoli  provisioning  and  orchestration 
software.This  reduces  the  need  to  pro¬ 
vision  hardware  to  meet  the  peak  core 
requirements  by  enabling  the  real-time 
provisioning  of  what’s  needed,  improv¬ 
ing  availability. 
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The  man  behind  IBMs  autonomic- 
computing  initiatives  gives  us  a  status  report 


BY  BETH  SCHULTZ 

For  the  past  five  years,  Dave  Bartlett  has  been  IBM’s  chief  authority 
guiding  large  enterprises  on  how  best  to  use  self-managing  technologies 
and  standards.  Today,  as  vice  president  of  industry  solutions,  Bartlett  is 
charged  with  using  his  autonomic-computing  expertise  to  create  highly 
repeatable,  end-to-end  packages  that  any  company  in  a  vertical  market 
segment  could  implement  easily.  Here  he  delivers  a  status  report  about 
autonomic  computing,  a  foundational  New  Data  Center  concept. 


Has  autonomic  computing  achieved  its 
promise  yet? 

If  you  look  back  five  years,  the  big 
concern  was  that  IT  systems  were  too 
complex  to  manage  and  maintain. 
That’s  still  where  we  are  today,  and  the 
autonomic  standard  of  self-managing 
technology  is  still  the  solution.  It’s  the 
one  initiative  that  cuts  across  multiple 


customer  platforms  and  technologies. 

What  we  didn’t  realize  was  how  much 
time  and  effort  it  would  take  to  have 
autonomic  computing  take  hold 
throughout  the  industry  and  truly  trans¬ 
form  the  way  we  work.  I  can  point  to 
many  individual  examples  of  success, 
but  autonomic  computing  still  is  not 
pervasive  across  the  industry. 


of  what  customers  are  faced  with,  that’s 
going  to  require  a  certain  amount  of 
innovation,  as  well  as  group-level  support 
for  this  transformation.  We’ve  moved 
from  yesterday’s  concept  of  innovation 
being  a  closed,  proprietary  thing  to 
something  that  really  needs  to  be  open. 
And  when  I  say  open,  I’m  talking  about 
very  open  in  a  way  I  haven’t  seen  in  this 
industry  in  IBM,  before.This  is  contribut¬ 
ing  to  open  source,  being  very  open  in 
the  standards  work  with  traditional  com¬ 
petitors,  being  very  open  on  bringing  our 
research-and-development  resources 
right  to  the  customer  site,  doing  open 
partnerships  with  universities. 

I’ve  read  that  IBM  itself  has  imple¬ 
mented  more  than  500  self-managing 
features  in  75  distinct  products.  What 
are  the  coolest? 

At  the  most  fundamental  level,  an 
example  is  the  “airbag"  technology  in 
the  ThinkPad  [notebook  computers] . 
One  of  the  things  we  focus  on  is  self¬ 
protection.  We  often  think  of  protection 
in  terms  of  viral  intrusions,  but  really  the 
biggest  danger  to  a  laptop  is  dropping  it 
and  then  losing  data  on  the  hard  drive  if 
the  head  crashes.  So  we  put  in  a  chip 
that  can  sense  a  change  in  velocity  and 
pull  the  write-read-write  heads  off  of  the 
drives  and  thus  protect  the  data.  Another 


How  has  autonomic  computing  shown 
its  enterprise  value? 

One  example  is  how  Guardian  Life 
Insurance  [in  New  York]  applied  auto¬ 
nomic  technology  for  spotting  prob¬ 
lems  in  business  applications.  Before  IT 
administrators  at  Guardian  Life  deploy 
new  applications,  they  simulate  the 
deployment  in  a  test  environment. 
During  the  test,  the  various  applica¬ 
tions,  servers  and  network  devices  nat¬ 
urally  generate  error  logs  when  they 
experience  hardware  and  software  fail- 
ures.The  challenge  was  that  these 
error  logs  appeared  in  different  for¬ 
mats,  which  made  it  hard  to  identify 
the  source  of  the  problems.The  time 
and  effort  it  took  to  isolate  and  fix 
problems  was  delaying  software 
deployment  and  costing  the  company 
money.  Using  IBM’s  autonomic  prob¬ 
lem-determination  technology, 
Guardian  Life  systems  now  detect,  ana¬ 
lyze  and  diagnose  problems  without 
human  intervention, so  repair  is  faster 
and  easier.  IBM’s  technology  also 
allowed  Guardian  Life  to  centralize  the 
scattered  error  logs  into  a  single  format 
so  they  can  be  viewed,  analyzed  and 
resolved  easily.  Guardian  Life  has  said 
it  has  cut  the  time  required  to  fix  prob¬ 
lems  by  90%  —  and  that’s  more  than 
an  incremental  few  percent! 
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RELAX.  YOU’RE  IN  CONTR 

Manage  remote  offices  from  wherever  you  are. 


RELAX.  YOU’RE  IN 


NOW. 


Secure  your  Data  Center.  No  software  licensing  fees. 


State  of  the  art  security 

Dependable,  Powerful,  Secure,  Guaranteed 


'/  24/7  Mission  Critical  Reliability 

l  :mK  .  Tr,  Industry  Best  Video 

::  UltraLink™  0SB>  ps/2>  Serial  Support 

Digital  KVM  IP  Single,  Dual,  Quad  Models 


Digital  KVM  IP 
Switches 

Switch  &  control  1,000s 
of  computers  &  network 
devices  over  IP 

Advanced  Security 
High  resolution 
On-screen  menu 
USB,  PS/2,  Sun,  Serial 
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Multi- platform 
KVM  switches 

Switch  &  control  1,000s  of 
computers  and  network 
devices 

Advanced  Security 
High  resolution 
On-screen  menu 
USB,  PS/2,  Sun,  Serial 
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KVM  Extenders 

Extends  keyboard,  video, 
and  mouse  signals  up  to 
33,000  feet 

Fiber,  CATx 
DVI,  VGA,  High  Res. 
PS/2,  USB,  Sun 
Audio,  Serial 


KVM  Rack  Drawers)  j  Panel  Mount  LCD 


The  most  efficient  way  to 
organize  your  server  room. 

1U  or  2U 

15",  17",  19"  or  20" 
VGA,  DVI 
PS/2,  USB,  or  Sun 
Touchpad  or  Trackball 


Mounts  vertically  in  a 
standard  19"  rack. 

15",  17",  19",  20",  or  23" 

VGA,  DVI,  S-Video 
Optional  Touchscreen 
Optional  Built-in  KVM  Extenders 


ROSE  US 
ROSE  EUROPE 
ROSE  ASIA 
ROSE  AUSTRALIA 


281  933  7673 
+44  (0)  1264  85057 
+65  6324  2322 
+617  3388  1540 


www.rose.com 

281  933  7673  800  333  9343 

ROSE  ELECTONICS  10707  STANCUFF  ROAD  -  HOUSTON,  TEXAS  77099 


ELECTRONICS 


instantly  Search 
Terabytes  ofText 


Instantly  Search  Terabytes  of  Text 


♦  over  two  dozen  indexed,  unindexed,  fielded  data  and  full-text  search  options 

♦  highlights  hits  in  HTML,  XML  and  PDF,  while  displaying  links,  formatting  and 


images 


♦  converts  other  file  types  (word  processor,  database,  spreadsheet,  email  and 
attachments,  ZIP,  Unicode,  etc.)  to  HTML  for  display  with  highlighted  hits 

♦  Spider  supports  static  and  dynamic  Web  content,  with  WYSWYG  hit-highlighting 

♦  API  supports  .NET /.NET  2.0,  C++,  Java,  SQL  databases.  New  .NET /.NET  2.0  Spider  API 


dtSearch®  Reviews 


♦  "Bottom  line:  dtSearch  manages  a  terabyte  of  text  in  a  single  index 

and  returns  results  in  less  than  a  second"  -  InfoWorld 

♦  "For  combing  through  large  amounts  of  data,  dtSearch  "leads  the  market" 

-  Network  Computing 

♦  "Blindingly  fast"-  Computer  Forensics:  Incident  Response  Essentials 

♦  "Covers  all  data  sources  ...  powerful  Web-based  engines"-  eWEEK 

♦  "Searches  at  blazing  speeds"-  Computer  Reseller  News  Test  Center 

♦  "The  most  powerful  document  search  tool  on  the  market"-  Wired  Magazine 
For  hundreds  more  reviews  —  and  developer  case  studies  —  see  www.dtsearch.com 


Contact  dtSearch  for  fully-functional  evaluations 


The  Smart  Choice  for  Text  Retrieval®  since  1991 

1-800-IT-FINDS  •  www.dtsearch.com 


Start  with  the  right  rack, 
and  you  can't  go  wrong. 

Get  the  seamlessly  integrated,  fully  compatible  NetShelter®  rack  system  from  APC®. 


APC,  the  name  you  trust  for  power  protection,  also 
offers  a  comprehensive  line  of  non-proprietary  racks,  rack 
accessories  and  management  tools  that  ensure  the  highest 
availability  in  a  multi-vendor  environment.  With  APC  racks, 
accessories,  and  management  tools,  you  can  design  a 
comprehensive  rack  solution  that  meets  your  availability 
needs  for  today  and  that  easily  scales  up  for  tomorrow. 

Need  assistance?  Our  expert  Configure-to-OrderTeam 
can  custom  tailor  a  complete  rack-mount  solution  , 
that  suits  your  specific  requirements. 


Contact  APC  today  and  protect  your  rack  application  with 
Legendary  Reliability®. 


The  NetShelter®  SX  is 
vendor  neutral  and  carries 
the  "Fits  Like  a  Glove" 
compatibility  guarantee. 


DELI »  CISCO  *  LUCENT  y 


NetShelter9  SX  starts  at  $1150 

Hack  enclosures  with  advanced  cooling,  power  distribution,  and 

cable  management  for  server  and  networking  applications  in  IT 

environments. 

•  Integrated  rear  cable  management  channels  allow  easy  routing, 
management  and  access  to  large  numbers  of  data  cables. 

•  3000  lbs.  weight  capacity. 

•  Vendor-neutral  mounting  for  guaranteed  compatibility. 

•  Toolless  mounting  increases  speed  of  deployment. 

Rack  PDU  starts  at  $89.99 

Power  distribution  that  remotely  controls  power  to  individual  outlets 
and  monitors  the  aggregate  power  consumption. 

•Switched,  metered,  and  basic  models  available. 

•  Includes  horizontal/verticai  mounts,  tool  less  or  easy  bracket  installation. 

•  Puts  power  in  the  racks  near  the  equipment  where  it  is  needed  most. 

•  Wide  range  of  input  and  output  connections  from  single-phase  to 
3-phase. 

Cable  Management  starts  at  $29.99 
Comprehensive  selection  of  accessories  designed  to  organize 
power  or  data  cables  within  a  rack  environment. 

•  Eliminates  clutter  and  cable  stress. 

•  OU  of  rack  space  with  the  vertical  cable  organizer. 

•  Quick-release  tabs,  toolless  mounting. 

Rack-Mount  Keyboard  Monitor  starts  at  $1550 
HJrack-mountable  integrated  keyboard,  monitor  and  mouse. 

•  15"  or  17"  ultra-thin,  LCD  monitor  with  integrated  keyboard. 

•  Ease  of  installation  minimizes  support  and  maintenance  costs 
ensuring  lower  total  cost  of  ownership. 

•  Can  be  used  in  a  variety  of  IT  environments  from  computer 
rooms  to  large  data  centers. 

Rack  Air  Removal  Unit  SX  starts  at  $2600 
Hear-door  fan  system  for  performance  heat  removal  up  to  23kW 

•  Temperature  controlled,  variable  speed  fans  allow  reduced 
energy  consumption  during  off-peak  cooling  periods. 

•  Ducted  exhaust  system  increases  air  conditioning  efficiency 
and  prevents  hot  spots  by  eliminating  recirculation. 

•  Manageable  via  Web,  SNMP,  Telnet  and  local  LCD  display. 


NetShelter  is  completely 
compatible  with  all  APC 
award-winning  InfraStruXure® 
architecture,  allowing  you  to 
add  rack,  power  and  cooling 
on  a  scalable  as-needed  basis. 


NetBotz®  Security  and  Environmental  starts  at  $889 
Protecting  IT  assets  from  physical  threats. 

Visual  monitoring  of  all  activities  in  the  data  center  or  wiring  closet. 
Third-party  monitoring  via  dry-contacts,  SNMP  I  PM  I,  0-5V  and  4-20mA. 
User-configurable  alarm  and  escalation  policies. 

Temperature,  humidity,  and  leak  detection. 


Register  to  WIN  Five  1U  Blanking  Panel  Kits  Value:  $114.95 

Say  goodbye  to  hot  racks!  Keep  enclosures  cool  -  and  efficiency  high  -  by  installing  blanking 
panels  (SKU:  AR8108BLK)  in  unused  rack  space.  You'll  feel  the  difference!  Register  online  today 

For  full  details.  Visit  www.apc.com/promo  Key  Code  r622x  •  Call  888.289.APCC  x3828  •  Fax  401.788.2797  Legendary  Reliability 
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Changing  the  architecture  of 
Distributed  Network  Monitoring 


NETWORK  TAPS 

DISTRIBUTED  DATA 
COLLECTION  SYSTEMS 

Monitor  the  entire  infrastructure 
from  a  single  and  central  location 

•  Reduce  overall  deployment  costs 

•  Increase  monitoring  coverage 

•  Improve  response  time  to 
troubleshooting  &  security  incidents 


i mm 


Call  +1  (650)  697-8770  www.vssmonitormg.com 


VSS  monitoring  Inc. _ 

Based  in  Silicon  Valley,  VSS  is  the  leader  in  Network  Taps  and  Distributed  Data 
CoJIection  Systems  Serving  Banks,  Telco's,  Enterprise  &  Government  Worldwide. 


The  Truth  about  Secure-Out-Of-Band 


Terminal  server  vendors,  who  proclaim  that 
they  have  Secure  Out  Ot  Band  products,  rely 
on  RADIUS,  TACACS+  and  other  in-band 
protocols  to  provide  security.  By  inference, 
they  imply  they  secure  out  of  band  access 
when,  in  fact,  they  offer  only  network  security, 
which  conflicts  with  out  of  band  access. 


A  true  Secure  But  of  Band  Management 
solution  should  provide  strong  security  without 
reliance  upon  network-based  protocols. 


CDI  offers: 

Hardware  encryption  over  dial-up 
and  network  connections 
r1-*  RSA  certified  SecurlD  authentication 
without  a  network. 
r1-*  Patented  central  management  of  all 
remote  devices 


Full  NIST,  FIPS  140-2  certifications  *-n 
Remote  Power  control 


Homologous  world-wide  approved  *-n 
internal  modems 


CDI  has  been  building  encryption  equipment  for  over  fifteen  years.  Our  customers  and  partners  include 
major  financial  institutions,  government  agencies,  major  telcos,  utilities,  and  the  United  States  military. 


Communication  Devices  Inc. 
www.outofbandmanagement.com 


Eliminate  guess  work.  Put  the  new 
EM  Current  Meter  to  work  for  you. 
y  Monitor  up  to  40  channels  of  current 
y  Monitor  individual  outlet  consumption 
y  Access  without  downloading  software 
y  Receive  alerts  via  SNMP 
traps/alarms 
y  Utilize  superior  GUI 
interface 

y  Download  data  to  XML 


-  Network  Settings 
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SNMP  Settings 


Monitor  current  by 
y  Breaker 
y  Circuit 
y  Receptacle 
y  Phase 


Alarm  Settings 
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REMOTE  CURRENT  MONITOR 


SpAM**** 


Ethernet  Connection 
iPAdd-cs*  592  168  123  12  J 
Nr!  Wa«k  255  235.3S6  0 
Gfctew  ay  i98.tlM.IJ3i 


The  Ethernet  Meter  is  available  in  numerous 

BGeist  PDU  configurations.  Contact  Geist 
at  800-432-3219  to  design  your  next  power 
strip  with  monitoring  per  your  specifications 
ms  including  individual  outlet  monitoring. 

Igeist 
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JETWORKS 


HIGH-END,  LOW  COST 
LOAD  BALANCING  SOLUTIONS 

Prices  starting  at  $  1,499  with  no  per  server  license  fees. 
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RECLAIM  YOUR  NETWORK 


Powerful.  Easy  to  use.  Affordable. 

The  Barracuda  Load  Balancer  is  designed  to 
deliver  powerful  IP  load  balancing  and 
network  intrusion  prevention  at  an 
affordable  price.  Like  our  award-winning 
Spam  Firewalls  and  Web  Filters,  configura¬ 
tion  is  simple  and  operation  is  virtually 
maintenance-free. 


FREE  EVALUATION  UNITS  AVAILABLE 

www.barracuda.com  or  1 -888-ANTI-SPAM 


SENSAPHONE® 


IMS -4000 


•  She’s  watching  PHYSICAL  SECURITY  with  video,  motion, 
and  door  switches. 

•  She’s  tracking  ENVIRONMENTAL  THREATS  like 
temperatures,  power  failures,  water  on  the  floor,  smoke,  fire, 
and  more. 

•  She’s  checking  NETWORK  CONNECTIVITY 
and  SERVER  RESPONSE. 


Motion 


Temperature 


The  IMS-4000  is  a  scaleable,  stand  alone, 
Infrastructure  Monitoring  System  with  data 
trending,  instant  notification,  integrated 
battery  backup,  and  redundant  communi¬ 
cation  paths  for  maximum  reliability. 


Humidity 


Water 


Smoke 


To  learn  more  visit 
www.ims-4000.com 


Monitor  everything  that  threatens  your  data  center, 
and  Know  Everything. 


Or  call  toll  free 
877-373-2700 


UpNext: 

IT  ROADMAP:  CHICAGO 


APRIL  4,  2007 

Donald  E.  Stephens 
Convention  Center 


40  IT  all-stars,  analysts,  vendors  and  end  users 
8  tracks  of  mission-critical  technology 
1  day  that  pays  enterprise-wide 

APPLICATION  &  CONTENT  SECURITY  •  THE  NEW  DATA  CENTER 
ENTERPRISE  MOBILITY  •  NAC  (NETWORK  ACCESS  CONTROL) 

NETWORK  &  APPLICATION  ACCELERATION  •  NETWORK  MANAGEMENT 
STORAGE  &  DATA  COMPLIANCE  •  VOIP,  CONVERGENCE  &  COLLABORATION 


Register  Today! 

www.networkworld.com/RM7GF1 


ORKWORLD 

Conference  &  Expo 
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Efficiently  aggregate  full-duplex  data  into 
your  analysis  or  security  device. 

•Supports  10/100/1000 

•  Stream  into  two  different  devices 

•  Rack  mount  up  to  three  across 

•  Supports  all  commercial  analysis  systems 

•  Also  works  with  open-source  tools 

Learn  more.  Visit  www.networkTAPs.com. 
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Buffer  options: 

256  MB . $1,495 

512  MB . $1,995 


TM 


Choose  from  a  variety  of  configurations,  options,  and  pricing.  Plus  a 
complete  line  of  copper  and  optical  nTAPs  for  full-duplex  analyzer  systems. 
Free  overnight  delivery* 

www.networkTAPs.com  •  1-866-GET-nTAP 
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'Free  overnight  delivery  on  all  U.S.  orders  over  $295  confirmed  before  1 2  p.m.  Central  Time. 
©  2006  Network  Instruments,  LLC.  nTAP  and  all  associated  logos  are  trademarks  or  registered  trademarks  of  Network  Instruments,  LLC. 


Protect  Your  IT  Equipment...  Don't  Wait  Until  It's  Too  Late! 


IT  Environment  Monitoring 

Digital  Temperature 
Digital  Humidity 
Main  /  UPS  Power 
Flood  /  Water 
Smoke  /  Fire 


Solutions 
Start  At  $295 


Cameras,  Sound,  Light,  Air  Flow, 
Room  Entry,  Dry  Contacts  &  More 


Easy  Online  Ordering  At 

Environment  Monitor.com 


SL 


AVTECH 

Software 


888.220.6700 

401.847.6700 


AVTECH.com 

EnvironmentMonitor.com 


•  FREE# 

inform® 


advice  ]  news  [  lips 

Subscribe  to  Network  World's  free  e-newsletters. 

Network  World  offers  more  than  50  technology  specific 
e-mail  newsletters,  written  by  experienced  editors  and  industry 
experts.  You  can  sign  up  for  any  of  our  newsletters  by  going  to 

www.networkworld.com/nlsub 
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Cisco  extends  LAN  security 


BY  STEPHEN  LAWSON 

Cisco  last  week  brought  a  raft  of  security  mecha¬ 
nisms  for  wired  LANs  to  the  wireless  part  of  corpo¬ 
rate  networks. 

The  vendor  has  upgraded  its  software  and 
launched  a  set  of  guidelines  for  integrating  wired 
and  wireless  security,  called  the  Cisco  Secure 
Wireless  Solution. The  system  makes  the  wired  and 
wireless  networks  work  together  to  bolster  security 
For  example,  if  a  notebook  PC  is  connected  to  the 
LAN  via  a  wired  port,  its  wireless  radio  will  be 
turned  off  automatically  to  prevent  an  attacker  from 
using  the  wireless  connection  as  a  path  on  to  the 
WLAN.  In  addition,  a  Cisco  WLAN  controller,  the 
mechanism  in  an  appliance,  router  or  switch  that 
controls  wireless  infrastructure,  can  disconnect  a 
WLAN  client  that  poses  a  threat. 

The  new  capabilities  are  available  to  any  cus¬ 
tomer  with  current  Cisco  software,  says  Chris 
Kozup,  manager  of  mobility  solutions  at  Cisco. 
Customers  can  use  the  guidelines  themselves  to 
build  a  security  architecture  or  enlist  the  help  of 
Cisco’s  services  organization  or  third  parties. 

Customers  are  able  to  bring  wireless  devices  into 
Cisco’s  security  system,  which  is  built  around  mak¬ 
ing  sure  any  client  is  authorized  and  free  of  threats 
before  it  can  hook  up  to  the  network.  But  bringing 
the  same  set  of  tools  into  the  wireless  domain  can 
make  that  process  easier,  Kozup  says.  For  example, 
if  an  enterprise  wanted  to  secure  wireless  clients 


using  Cisco’s  Network  Access  Control  appliance, 
the  user  connecting  via  wireless  would  have  to 
manually  log  into  the  Network  Access  Control.  Now 
that  process  can  be  transparent  to  the  user,  just  as  it 
is  on  the  wired  network,  he  says. 

In  addition  to  the  Network  Access  Control,  the 
architecture  includes  Cisco’s  ASA  firewall,  Security 
Agent,  Intrusion  Prevention  System  software, Secure 
Access  Control  Server  and  Secure  Services  Client. 
These  longtime  features  of  Cisco’s  wired  security 
are  being  extended  to  WLANs  as  the  company’s  lat¬ 
est  step  toward  unifying  wired  and  wireless  into 
one  network,  Kozup  says. 

The  security  built  into  all  Wi-Fi  products  has 
improved  in  recent  years,  and  many  vendors  sell 
tools  to  secure  WLANs,  such  as  Aruba’s  technology 
that  uses  encrypted  tunnels.  Cisco’s  new  approach 
may  not  be  significantly  more  secure  than  those 
options,  but  it  can  simplify  life  for  IT  administrators, 
says  Farpoint  Group  analyst  Craig  Mathias.  For  one 
thing,  it’s  easier  if  security  for  both  parts  of  the  net¬ 
work  uses  a  single  directory  of  users,  he  says. 

Approaches  that  are  less  expensive  and  more 
scalable  can  work  just  as  well,  says  Burton  Group 
analyst  Dave  Passmore. “This  is  Cisco  assuming  the 
network  perimeter  needs  to  be  protected  right  at 
every  edge,  rather  than  a  more  centralized 
approach,”  he  says.  There  are  no  significant  threats 
to  an  enterprise  LAN  that  can’t  be  handled  from 
within  the  wired  part  of  the  network.”® 


Volume  servers 
sucking  up  power 


BY  JENNIFER  MEARS 

Energy  consumption  in  corpo¬ 
rate  data  centers  doubled  be¬ 
tween  2000  and  2005,  caused  in 
large  part  by  the  spreading  use  of 
volume  servers,  a  new  report  says. 

The  study  was  commissioned 
by  AMD  and  conducted  by 
Jonathan  Koomey  a  staff  scientist 
at  Lawrence  Berkeley  National 
Laboratories  and  a  consulting 
professor  at  Stanford  University 

Koomey  found  that  servers  and 
associated  infrastructure,  such  as 
cooling  and  uninterruptible  pow¬ 
er  supplies,  in  U.S.  data  centers 
consumed  about  45  billion  kilo¬ 
watt  hours  of  electricity  in  2005, 
accounting  for  about  1.2%  of  the 
country’s  electricity  consump¬ 
tion,  roughly  equal  to  the  power 
drawn  by  the  nation’s  color  televi¬ 
sions.  The  electricity  costs  for  the 
servers  and  associated  infrastruc¬ 
ture  reached  $2.7  billion. 

Koomey  found  the  bulk  of  the 


Start-up  to  alert  IT  on  app  performance 


BY  DENISE  DUBIE 

A  start-up  with  roots  in  Israel 
plans  to  change  the  landscape  of 
application  management  with 
software  that  baselines  normal 
application  behavior  and  gives  IT 
a  heads  up  about  anomalous  be¬ 
havior  all  the  way  down  to  the 
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user  desktop. 

Aternity,  formerly  known  as 
Gelion  Networks,  started  in  2004, 
garnered  $7.5  million  in  venture 
capital  funding  in  March  2005 
and  quietly  launched  its  Aternity 
Solution  software  last  summer. 

The  company  which  has  devel- 
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oped  software  that  can  tell  net¬ 
work  managers  which  applica¬ 
tions  within  a  Citrix  server  are 
having  problems,  says  it  can  pin¬ 
point  the  root  cause  of  applica¬ 
tion-performance  problems  and 
prevent  them  from  affecting  users. 

“Our  software  establishes  this 
baseline  that  understands  what  is 
normal  and  can  apply  attributes 
such  as  location,  time  of  day  days 
of  week,  business  groups  and 
more,”  says  Jaimin  Patel,  vice  pres¬ 
ident  of  business  development 
and  marketing  at  Aternity  “If  any 
deviations  take  place,  we  are  able 
to  detect  it  sooner  than  most 
users  will  be  able  to  feel  the  per¬ 
formance  problem.We  can  give  IT 
managers  an  actual  list  of  users 
that  will  be  affected.” 

Aternity’s  efforts  fall  in  line  with 
moves  by  such  application-man¬ 
agement  vendors  as  Citrix  (with 
its  Reflectent  Software  acquisi¬ 
tion)  ,  Compuware,  Coradiant,  Mer¬ 
cury  Interactive  (now  part  of  HP) 
and  TeaLeaf  to  capture  applica¬ 
tion  performance  on  desktop 
machines  and  monitor  the  quality 
of  experience  for  users.  The  soft¬ 


ware  is  also  similar  to  network 
behavior-analysis  tools  that  moni¬ 
tor  traffic  for  anomalous  patterns 
to  better  secure  internal  networks. 

Aternity  Solution  consists  of 
server  software  and  distributed 
software  agents  on  managed 
clients.  The  server  software  con¬ 
tains  an  analysis  engine,  data¬ 
base  and  reporting  capabilities 
that  enable  network  managers  to 
view  normal  and  abnormal 
behavior  patterns.  The  company 
says  the  software  baselines  typi¬ 
cal  behavior  and  is  able  to  alert 
IT  staff  when  applications  begin 
to  perform  in  an  unfamiliar  man¬ 
ner.  It  can  pick  up  on  such  irregu¬ 
larities  as  slowing  response 
times,  additional  hops  along  a 
delivery  chain  or  unnecessary 
system  queries. 

As  for  how  the  company  dif¬ 
fers  from  competitors,  Aternity 
says  it  doesn’t  discriminate 
between  Web-based  and  inter¬ 
nal-based  applications  when 
tracking  performance. 

Patel  says  the  company  will 
launch  officially  an  updated  pro¬ 
duct  in  the  coming  months.® 


Demanding  power 

If  IDC’s  server  forecasts 
hold,  worldwide  server  energy 
consumption  will  increase 
40%  from  2005  to  2010,  provid¬ 
ed  power  demands  per  server 
remain  fixed.  If  power  use  per 
server  increases,  as  it  did 
between  2000  and  2005,  then 
energy  consumption  will  spike 

76% 

by  2010. 


increase,  about  90%,  was  caused 
by  the  rise  in  the  number  of 
servers,  those  priced  below 
$25,000  and  most  powered  by 
AMD  or  Intel  processors.  While 
these  systems  have  become 
increasingly  powerful,  energy 
use  per  server  has  increased 
slightly,  from  about  190  watts  per 
server  in  2000  to  about  220  watts 
per  server  in  2005.  As  a  result,  the 
spike  in  energy  consumption  is 
linked  to  the  number  of  volume 
servers  installed,  which  has  risen 
dramatically,  jumping  from 
about  12  million  in  2000  to  26 
million  in  2005. 

“Mainly  this  is  a  story  of  volume 
servers  becoming  much  more 
common,”  Koomey  says. 

In  addition,  the  systems  are 
increasingly  dense,  with  blade 
servers  and  multicore  machines, 
making  it  even  more  important  for 
organizations  to  consider  energy 
efficiency  in  charting  data-  center 
deployments,  Koomey  says. 

“In  the  data  centers  that  we’ve 
done  benchmarking  on.  you  typi¬ 
cally  find  a  third  or  half  of  the 
racks  are  empty  because  you’ve 
got  air  cooling  and  a  lot  of 
restraints  in  how  many  servers 
you  can  pack  in,” he  says. 

In  one  organization  the  data 
center  had  maxed  out  its  energy 
availability,  but  with  a  redesign,  it 
was  able  to  add  more  servers, 
Koomey  says. 

“They  changed  out  the  lighting, 
and  they  moved  some  of  the 
unnecessary  air-conditioning 
units  and  the  fans  and  other  stuff, 
and  they  were  able  to  increase 
the  number  of  servers  in  their 
server  room  by  30%  while  remain¬ 
ing  under  the  same  power  bud¬ 
get,”  he  says.  ® 
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BACKSPIN 


Mark  Gibbs 


High  expectations  and  hacking 


recent  Forrester 
Research  report  found 
ithat  as  far  as  CEOs  are 
concerned,  IT  groups  per¬ 
form  up  to  expectations 

(hooray!),  but  those  expectations  are  low  (boo).  In  other 
words,  CEOs  think  about  IT  the  way  Congress  thinks  about 
the  proposed  surge  of  troops  to  Iraq:  They’re  willing  to 
vote  against  it,  but  the  vote  will  be  nonbinding. 

Yep,  low  expectations  are  part  and  parcel  of  what  peo¬ 
ple  expect  of  complex  situations  and  large  organizations. 
Consider  the  case  of  Shawn  Carpenter:  He  expected  that 
his  employer,  Sandia  National  Labs,  as  well  as  the  Army 
and  the  FBI,  would  care  about  national  security  enough  to 
do  something  about  a  major  hacking  attack.  His  expecta¬ 
tions  were  way  too  high. 

In  2004  Carpenter  discovered  that  Chinese  hackers  had 
been  mounting  a  series  of  attacks  on  major  American  net- 
works.These  attacks  had  been  in  progress  since  at  least 
2003,  and  the  U.S.  government  (in  the  guise  of  the  Army 
and  the  FBI,  as  far  as  I  can  tell)  even  had  a  name  for 
them: Titan  Rain. 

Carpenter  found  out  that  Sandia  Labs  was  under  attack, 
so  he  took  the  story  to  Sandia’s  security  wonks.  Popular 
opinion  has  it  that  the  Sandia  security  people  wanted  to 
avoid  “embarrassment,”  and  wanted  him  to  drop  it. 


Carpenter  didn’t  drop  it.  He  somehow  got  tied  up  with 
U.S.  Army  counterintelligence,  which,  in  turn,  hooked  him 
up  with  the  FBI.  Eventually,  the  FBI  got  cold  feet  and  also 
requested  that  Carpenter  desist. 

You  may  wonder  why  the  FBI  would  get  chicken-heart¬ 
ed. The  reason  was  Carpenter  was  hacking  to  find  the 
hackers  and  in  the  process  doing  things  that  are  illegal, 
such  as  cracking  routers  and  installing  spyware. 

It  was  at  this  point  that  Sandia  found  out  what  Carpenter 
was  doing  (again,  how  they  found  out  isn’t  clear)  and  not 
only  fired  him,  but  also  had  his  security  clearance  can¬ 
celed. The  word  on  the  street  (I  love  that  phrase  but  actual¬ 
ly  it  was  Time  Magazine')  is  that  the  head  of  Sandia’s  secu¬ 
rity  wanted  him  “punished  for  disobeying  his  demands  not 
to  inform  outside  law  enforcement  agencies.” 

Carpenter  took  Sandia  to  court  in  2006  and  last  week 
prevailed,  with  the  jury  finding  Sandia  guilty  of  firing 
Carpenter“in  violation  of  public  policy’ Better  yet  for 
Carpenter,  they  awarded  him  $4.7  million  in  damages!  Of 
course,  Sandia  will  appeal,  but  at  least  Carpenter  has  been 
vindicated.  He  also  got  his  security  clearance  back  and  is 
working  for  another  government  department. 

Various  commentators  have  characterized  Carpenter  as 
“pig-headed”  and  “stubborn (and  certainly  he  was  commit¬ 
ted  to  finding  the  hackers  in  a  way  that  wasn’t  self-preserv¬ 
ing.  On  the  other  hand,  he  sincerely  believed  that  what  he 


was  doing  was  in  the  national  interest  and  we  should 
applaud  him  for  that. 

Now,  what  of  his  illegal  hacking?  Obviously  the  FBI  must 
have  been  encouraging  him  for  the  obvious  reason  that 
he  could  get  results  quickly  and  they  couldn’t.  As  I  under¬ 
stand  it,  if  the  FBI  wants  to  attempt  such  activities,  it  has  to 
fill  out  forms  in  triplicate,  after  which  they  are  lost,  found, 
lost  again,  buried  in  soft  peat  for  three  months  and  recy¬ 
cled  as  firelighters. 

Which  raises  the  interesting  question  of  how  can  we 
protect  our  network  and  computer  assets  if  our  security 
agencies  are  hamstrung  by  laws  designed  for  the  public 
at  large?  You’d  have  to  be  insanely  optimistic  to  think  that 
hacking  of  our  assets  by  random  hostile  foreigners  is  not 
going  to  get  much  worse. 

I  have  a  suggestion:  Let’s  call  open  season.  Let’s  take  all 
of  the  antihacking  legislation  off  the  books  and  make  it 
the  responsibility  of  computer  owners  to  keep  their  own 
assets  safe.  Let’s  create  a  culture  of  online  paranoia  so  that 
we  take  security  seriously 

Of  course,  my  suggestion  reeks  of  high  expectations. We 
all  want  that  cozy  feeling  that  comes  with  the  false  sense 
of  safety  and  if  Congress  were  to  vote  on  such  a  proposal 
it  would  approve  it.  As  long  as  it  was  nonbinding. 

Your  vote  to  backspin@gibbs.com. 
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News,  insights  and  oddities 


Prepaid  credit  cards:  Future  of  finance? 


Pau!  McNamara 


Prepaid  credit  cards  for  those  without  bank  accounts 
and  teens  without  self-control  have  been  available  in 
the  United  States  for  years.  Now,  Visa  New  Zealand,  in 
cooperation  with  that  country's  postal  service,  is  taking  the  concept  to  a  new  level 
that  promises  a  measure  of  protection  from  online  identity  theft,  but  also  the 
prospect  of  abuse  by  young  people  looking  to  access  adult  services,  and  criminals 
needing  a  cloak  of  anonymity. 

Moreover,  Visa  says  these  prepaid  cards  are  becoming  a  "de  facto”  means  of  con¬ 
ducting  commerce  online.The  company  is  anticipating  the  market  for  them  will  move 
well  beyond  gift-giving  and  those  who  otherwise  cannot  get  regular  credit  cards. 

Whether  this  evolutionary  change  in  prepaid  cards  will  be  moving  to  a  post  office  or 
convenience  store  near  you  is  a  question  I  couldn’t  get  Visa  USA  to  answer. 

Called  the  "Prezzy  Card,”  New  Zealanders  may  buy  them  preloaded  with  an  amount 
between  $25  and  $500  at  any  postal  outlet  —  without  providing  any  identification  or 
proof  of  age.  Although  cash  purchases  are  limited  to  $100,  the  stipulation  seems  little 
deterrent  to  an  individual  interested  in  amassing  a  kitty  of  untraceable  online  currency. 

From  a  New  Zealand  press  report:  "[Visa's]  New  Zealand  country  manager  lain 
Jamieson  says  it  is  already  clear  that  prepaid  Visa  cards  have  a  far  wider  market  and 
are  emerging  as  a  ‘de  facto'  tool  for  online  shopping.  Customers  key  in  the  number  and 
expiry  date  on  the  card  when  buying  online,  as  with  a  standard  credit  card,  and  type 
'prezzy  card  holder"  into  the  name  field,  if  required.  NZ  Post  has  so  far  sold  40,000 
Prezzy  Cards,  and  more  than  10  percent  of  the  transactions  have  been  online  purchases, 
Jamieson  says.  About  5  percent  of  standard  credit  card  transactions  are  made  online.” 

in  the  United  States,  parental  controls  are  not  only  a  staple  of  prepaid  credit  card 
programs,  such  as  Payjr  Prepaid  MasterCard  and  Visa  Buxx;  they  are  marketed  to  par¬ 
ents  as  a  primary  justification  for  caving  in  to  a  child's  craving  for  plastic.  If  teens  can 
i  ’d  their  allowance  and  after-school  job  earnings  onto  plastic  that  is  free  from  any 
oversight  by  Mom  and  Dad,  one  would  guess  that  such  an  arrangement  would  prove 


popular  with  young  people  —  if  not  their  parents. 

As  for  which  merchants  will  or  will  not  accept  such  anonymous  payments  —  porn 
sites,  gambling  venues,  etc.  —  that’s  another  can  of  worms.  Visa  has  not  mandated  any 
age  verification  by  online  merchants  who  accept  the  cards. 

Wikipedia:  On  the  brink?  Or  ctying  wolf? 

Florence  Devouard,  chairwoman  of  the  Wikimedia  Foundation,  touched  off  a  tempest 
recently  with  her  suggestion  that  Wikipedia  has  funding  for  only  another  quarter  and 
“might  disappear"  if  donations  don’t  pick  up _ Dire  stuff,  if  true. 

Devouard  told  a  conference  audience:  “At  this  point,  Wikipedia  has  the  financial 
resources  to  run  its  servers  for  about  three  to  four  months.  If  we  do  not  find  additional 
funding,  it  is  not  impossible  that  Wikipedia  might  disappear.” 

A  spokeswoman  for  the  organization  stepped  up  with  this  backpedaling,  which  was 
posted  to  Nick  Carr's  blog:  “Ms.  Devouard’s  comment  was  taken  out  of  context,”  she 
claimed,  although  it’s  difficult  to  imagine  the  context  in  which  “might  disappear”  could 
be  taken  differently.  “Wikipedia  will  not  be  closing  anytime  soon.  Ms.  Devouard  was 
simply  referring  to  the  ongoing,  pressing  needs  for  funds  that  Wikipedia,  like  most  non¬ 
profit  organizations,  face.  Ms.  Devouard  was  attempting  to  showcase  how,  because  of 
our  global  reach,  Wikipedia  needs  to  be  much  more  creative  in  its  fundraising  efforts.” 

On  the  last  score  there  can  be  little  dispute. 

When  you  think  about  the  impact  that  Wikipedia  has  had  upon  our  society  —  not  all  of 
it  good,  certainly  —  it’s  astounding  that  the  organization  tasked  with  keeping  it  afloat 
has  to  resort  to  bake  sales  and  begging.  When  last  we  checked  in  on  Wikipedia's  fund¬ 
raising  efforts,  they  were  closing  in  on  $1  million,  with  the  current  total  about  $1.1  mil¬ 
lion. They  say  they  need  $5  million  a  year  to  sustain  operations. 

That  math  certainly  doesn't  look  good. 

Contributions  to  them.  Comments  to  buzz@nww.com. 
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MILAN  SWITCH  AND  WIRELESS  PRODUCTS 


SIMPLY 


CONNECT  THE  DEVICES  YOU  NEED 


MILAN’S  MIL-SM80I  series  of 
layer  2  managed  switches 
provides  high  performance  non- 
blocking  switching. 
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The  ShAir  AccessG  Pro 
AP/Bridge:  MILAN’S  new 
cost-effective,  enterprise-class 
wireless  access  point. 


llglfll 
-  «i 


The  MIL-SM240 1 M  Series  is 
MILAN’S  most  powerful,  flexible 
line  of  Layer  2  management 
switches. 
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Don;t  pay  for  unneeded  hassles.  MILAN  puts  simplicity  within 
your  reach,  freeing  you  from  unnecessary  entanglements  to  focus 
on  the  real  work  of  administration. Transition  Networks,  the 
industry  leader  in  product  quality,  availability  and  support,  now 
offers  MILAN  switching  and  wireless  products  to  help  you  simply 
connect  the  devices  you  need  —  priced  and  optimized  for  small- 
to  mid-sized  business.  Why  pay  more  for  simplicity? 


MILAN  BY 

TRANSITION 

NETWORKS® 


www.milan.com  800~526~9267 
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CERN  &  P 


zve  Networ 


CERN  uses  ProCurve  Switches  because 
we  generate  a  colossal  amount  of  data, 
making  dependability  a  top  priority." 

— David  Foster,  Communication  Systems  Group  Leader,  CERN 


CERN  has  joined  with  ProCurve  to  build  their  network  based 
on  high-performance  security,  reliability  and  flexibility, 
along  with  a  lifetime  warranty.*  From  the  world’s  largest 
applications,  to  a  company-wide  email,  just  think  what 
ProCurve  could  do  for  your  network. 


Get  a  closer  look  at  CERN  and  the 
world's  biggest  physics  experiment. 

Visit  www.hp.com/go/procurveCERN3. 

For  more  information,  call  (800)  975-7684,  Ref.  Code  CERN3 


ProCurve  Networking 

HP  Innovation 


For  as  long  as  you  own  the  product,  with  next-business-day  advance  replacement 
(available  in  most  countries).  For  details,  refer  to  the  ProCurve  Software  License, 
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